Creating a privacy policy to explain how you will be using visitor’s personal data when they access your website is one of the most important first steps to make when putting your company online. Whether you are a large corporation or a smaller start-up, there is a high chance that you are probably collecting some sort of personal data, so you will need to create a privacy policy to protect yourself. This will be a legal document to show users you can be trusted and have procedures in place ensuring their personal information is handled with care.
An ideal privacy policy will set out the details of your company and the type of information you collect. You must also set out why you are using the data and how you will be using it. Visitors would also want to know whether any third parties will receive the data, how long you will be storing the data for and how you plan to ensure it is kept secure. Although it is a legal document, it must be clear and in easy-to-understand terms.
UK and EU data protection laws legally require a privacy policy. The Privacy and Electronic Communications (EC Directive) Regulations state that you must let visitors know you are collecting their personal information, by having an instantly accessible privacy policy. The EU directive is not limited to EU countries but operates on a global level as the internet is accessible to all. The Human Rights Act 1998 also prevents the unlawful monitoring of data, and according to the Freedom of Information Act 2000, you must carefully consider which information is being used and whether it is protected. Failure to have a privacy policy in the UK is failing to comply with the UK Data Protection Act, which may result in a fine of up to 4% of your company revenue.
Aside from legal requirements, users are also generally interested in the privacy of their information and will want to feel secure using your website, this includes providing an email address for a newsletter subscription, or a home address if purchasing something online.
Having a privacy policy is now considered common practice even if you don’t collect any information, for visitors information, so they can agree to the terms of your privacy policy. Third-party services may also require a privacy policy in order to use their services, for example, Apple requires one to put your app on the App Store, and Google requires one to allow adverts, storing cookies on the user’s computer to collect data about the user to tailor adverts.
Overall, a privacy policy is an important requirement if you are running a business online and collecting information about your visitors. Without one, you run the risk of a legal problem that could have easily been avoided, saving you time and money.
Click here to find out about the technology we use to make this management easily accessible, affordable and relevant for the entrepreneurs we serve.
If you are unsure about anything written in this article, or to speak to a lawyer, give us a call.
