Your Website Trilogy of Legal Documents: Creating Trust, Legal Protection and Compliance - Part I Privacy Policies
Jul 04, 2023It’s an amazing feeling when you finally hit publish on your brand new, shiny website, or add new sales pages promoting your latest products and services. If you’re an online course creator or online coach, run an online membership or offer custom services online, your website is one of the key ways that you promote your business and connect with your customers. As your customers navigate around your website, you’ll want to be sure you have the right documents in place to legally protect your website, build trust with your customers and meet your legal obligations. There are three must-have policies for your website: a privacy policy, terms and conditions of use and a disclaimer. This blog post kicks off a three-part series on protecting your website. In this blog, the first in the series, we’ll cover the importance of having a website privacy policy, what's typically included in a website privacy policy, why it’s essential for your business to have one and some of the risks you take by not having a privacy policy on your website. Over the next two weeks we’ll look at the other two website documents - terms and conditions of use and disclaimers - to understand the key features and benefits of these documents for your website and your business.
A Must Have: Your Website Privacy Policy
First up in our discussion of your essential website documents is your website privacy policy. Of the three policies you need for your website, the privacy policy is the one that you are legally required to have if you collect any personal information from your website visitors. In our digital age, concerns about privacy online are only increasing. Not only are individuals concerned about what information you are collecting and how you are using it, but governments are interested as well. In the United States, the Federal Trade Commission (FTC), which regulates unfair and deceptive business practices, has published guidelines for privacy policies. Many states have also passed laws requiring privacy policies for businesses that collect personal information from residents that live in those states. California is one of the most strict when it comes to privacy policies having enacted the California Online Privacy Protection Act (CalOPPA) many years ago. The European Economic Union (EEU) passed the GDPR (General Data Protection Regulation) that is even more stringent than the privacy and data security laws in the U.S. As an online business, it’s difficult, if not impossible, to differentiate website users by where they live, so your privacy policy needs to be broad enough and comprehensive enough to capture the requirements of all the locations where your prospective customers live.
Essential Elements of a Privacy Policy
Here are some of the key categories of provisions to consider including in your website privacy policy.
Data Collection: Tell your website visitors what types of personal information you collect from them. You might collect their name, email, billing information or other personal information unique to your business needs. Explain why you are collecting this information and how collecting it relates to your business.
Data Usage and Storage: Describe how you handle, store and collect their personal information and provide assurances that you will treat their information carefully and securely. If you have specific security measures in place, such as encryption, mention these in your policy.
Purposes: Tell your customers why you collect their personal data. You may need it for account creation, communication, analytics or other reasons. Your customers will have more trust in you and your business when you are transparent about how you use their personal information.
Third Party Relationships: Your website privacy policy should inform customers if you share their data with third parties, which data is shared and why you need to share it. For example, you may need to share personal information for payment processing or with service providers that enable you to deliver your products or services.
Cookies, Tracking and Automated Technologies: Digital technologies are improving daily in their ability to track and monitor customer behavior online. Tracking cookies ~ not the triple chocolate chunk kind ~ may be the most commonly known type of digital tracking, but there are many more. Describe in your privacy policy the types of tracking technologies you use, what role they serve and how you use them. Your website users should have the ability to opt or or manage cookie preferences.
Disclosure of Information: Explain under what circumstances you might need to disclose your customers’ personal information, such as to meet your legal obligations or if you sell your business. Assure your visitors that it’s not your regular practice to disclose or share their information (if this is in fact true).
Age Limitations: If your website is not designed for children, set an age limitation for access to your website.
Special Considerations: If your website will be accessed outside of the U.S., include provisions to make your privacy policy GDPR compliant, and then make sure that your business practices match what you’ve said in your policy.
User Rights: Let your customers know their rights about your collection and use of their personal information. Explain how they can learn what information you have collected and how they can correct or ask you to delete their information. You’ll need a contact email address for your business where your customers and website visitors can contact you.
Email: Share with your customers how you’ll use email in your business, assure them you won’t sell their email or send them spam (assuming these statements are true) and let them know they have the right to opt out. Be sure to use an email service provider that lets people easily opt-out of emails.
Updates: Your privacy policy is a living document and you should check in from time to time to ensure it matches your current business practices and legal requirements. Let your visitors know you might change your privacy policy terms in the future. Your business probably looks different on day one than in year five and you should update your policy to reflect any changes as your business grows.
Link Up Your Other Policies: Each of your website policies should contain links to your other policies. Your policies should work together and not conflict with one another. By keeping each of your website policies in separate documents, you make your visitors aware of the different categories of policies you have on your website and make it easier for your visitors to locate your policies or investigate how you handle a specific issue.
Remember, you have three distinct but important goals to fulfill with your website privacy policy: legal compliance, legal protection and customer trust. By adopting a privacy policy and publishing it on your website, you fulfill your legal obligation and you let customers know you are serious about your business and the responsibilities that come with being a business owner. You’re also adding a layer of legal protection to your business. Without a website privacy policy, your business is vulnerable to regulatory action, such as investigations or fines, which can be disruptive to your business. Operating without a website privacy policy or not following the policies you put in your policy can also expose your business to liability risk. Be sure to follow the procedures you identify in your policy and take steps to ensure that your customers’ personal data isn’t subject to a privacy data breach.
Your website privacy policy should include language that if your website visitors use your website and explore its content they are agreeing to the terms of your website privacy policy. As you want your website privacy policy to apply to both window shoppers and actual customers, you’ll need to ensure that your policy is binding on both. When your visitors cross over and become your customers, as part of the checkout process you can ask them to specifically agree to your website privacy policy as well as your other website policies and terms specific to their purchase. By making acceptance of your policies part of the checkout process you have an opportunity to educate your customers about your policies and help manage expectations about your business relationship. This will help build customer trust and provide you and your business with important legal protection if disputes arise later.
Summary
Launching your online business as a course creator, coach, membership site or custom service provider is an exciting and rewarding endeavor. Ensuring that at each stage of your business’ development you are integrating the essential legal components applicable to that stage of your business’ growth will help ensure the long term success of your online business. A legally protected website is one of the foundational aspects of your online business. Ensure that you have a privacy policy, website terms of use and a disclaimer, the three essential documents your website needs to be legally protected and you need to build trust and transparency with your customers.
Does your website have the triad of legal documents it needs? Check out the Website Bundle over in the Step Up Your Legal™ Template Shop to get the privacy policy, website terms of use and disclaimer you need today.