American Website Owners: You Need a Privacy Policy!

Not only do privacy policies create a stronger relationship between website owners and their visitors, but in most cases, they are now legally required. These informative written documents increase transparency from the site to online consumers about what the site does and doesn’t do with the visitors’ personal information.

Most countries have privacy laws that require business owners and app developers to include a privacy policy – a statement describing their data collection as a disclosing service to their visitors or users. The collection or sharing of personal information like names, emails, images or any other means of identifying a returning user (the way ad networks serve targeted advertising for example) must be disclosed. “Commercial” is an often used trigger for privacy policies, which is generally defined broadly in order for it to cover a wide range of cases. If you sell data to a third-party, that’s OK – as long as you make your intentions clear to the people who will be providing the information.

According to the California Online Privacy Protection Act (CalOPPA), an operator of a commercial website or online service that collects personally identifiable information through the internet about individual consumers residing in California who use or visit its commercial website or online service, shall conspicuously post its privacy policy on its website.

The term “operator of a commercial website or online service” usually includes a very wide spectrum of people, as well as app developers (as communicated by the Attorney General of California). In almost every case, if you collect information – even emails, you need to display a link to your privacy policy in a prominent location – preferably in your footer.

What kind of online behavior triggers the need for a website to provide privacy policy?

Under CalOPPA, the collection of Personally Identifiable Information (PII) is very broadly defined to cover “personally individually identifiable information about an individual consumer” and includes a consumer’s first and last name, home or other physical address, email addresstelephone number, and Social Security number. In addition, PII includes any other identifying information that permits the physical or online contacting of a specific California consumer, as well as other user-related information maintained in personally identifiable form.

CalOPPA is potentially quite disruptive in reach and is not limited to California’s borders. Even if your Web site or online service isn’t run from California, it may still impact and collect personal information from customers who are California residents. And hence, it is very likely that the regulations of the CalOPPA extend to you as well.6 Key Questions To Ask Yourself About Your Ecommerce Store

If your service is made for children, you must comply with the Children’s Online Privacy Protection Act (COPPA). It requires that operators of websites or online services that are either directed to children under the age of 13, or which have actual knowledge that they are collecting personal information from children under the age of 13, must give notice to parents and get their verifiable consent before collecting, using, or disclosing such personal information and must keep the information they collect from children safe and secure through an SSL certificate and periodic, PCI compliant vulnerability scanning.

Business owners or app developers in need of free privacy policy templates for their websites can get one from Free Privacy Policy.com.

You may also like...