Have you heard your “web guy/gal” talk about a privacy policy and ask if you want to include one on your site? Have you just brushed them off and thought that it was something you didn’t need? Well, I’m here to remind you what “assume” means, and that those “assumptions” could very well make an “ass” out of “u”.
What Is a Privacy Policy?
A privacy policy is a document that explains how you and/or your business/organization handle any customer, client, or employee information that you acquire in any way, shape, or form. If your privacy policy is on your website, it pertains to your site visitors. If you are a coach of any kind and maintain client data on your PC or “on the cloud”, the policy would pertain to how that information is stored and WHAT information is stored. If you store that information physically, like in a file cabinet, then your on-site privacy policy would explain how you handle that information.
If you have a simple contact form to collect email addresses, you are collecting personally identifiable information (PII) and should have a privacy policy on your website.
Who should have a privacy policy?
Everyone – especially business owners – with a website should have a privacy policy. If you collect email addresses for a newsletter, you need a privacy policy. If you collect payment information or have people fill out a form to schedule an appointment with you, you need a privacy policy. If you collect information at a physical location that is listed on your website, you should have a privacy policy. If you collect and/or store ANY information provided by visitors, customers, clients, etc., you need a privacy policy.
Bloggers. Crafters with an Etsy shop. Coaches. Freelancers. Artists. Media personalities. Tax professionals. Small brick-and-mortar stores. Restaurants.
You get the idea.
I have a privacy policy. Now what?
About five (5) years ago, you could create a simple templated privacy policy that you probably would have copied and pasted from another website and just updated the name and contact information. In 2023, that’s not the case. A few years ago, the European Union introduced its privacy laws, which had everyone scrambling to become “GDPR” compliant and add that fun little “cookie policy” banner. As we experience more malicious intent – like hacking and people selling information to the highest bidders – more states are establishing their own laws regarding how businesses store PII.
In 2023 there are six (6) new laws that will be going into effect.
It’s no longer enough just to have a privacy policy on your website. It’s more important than ever that you have it up to date and compliant. If there is a law in effect in California, for example, but you are based in Wisconsin, you still need to be in compliance with that California law if you have visitors or customers from California whose information you may or may not acquire using the contact form on your website. If you’re not in compliance, you open yourself (and/or your business) to a fine (of up to $5,000 per user per violation) or to being sued. Nobody needs those headaches or hassles.
You should also look at making sure other policies are posted and up to date on your website. Cookie Policy. Terms of Service (TOS). General Disclaimer. EULA (end user license agreement).
We can help.
If you’re reading this, you are likely a small business owner and wear a dozen hats as it is. Website maintainer, information technologist, and privacy policy specialist are three that you should not have to wear. We can help you create policies that are up to date and in compliance with all current and applicable standards and laws. We can also help you keep those policies up to date. For more information, head on over to the “Work With Us” page and submit the form. And yes, if you want to take a look at our privacy policy, it’s linked in the footer.