If you do any kind of business online, you need a privacy policy. It doesn’t matter if you don’t sell anything but are primarily using your website to promote yourself as a thought leader in your field or to solicit speaking engagements. If you collect any information from your visitors — even if it’s just collect their email address for your newsletters — you need a privacy policy. And if you collect their information by other means — say, you solicit business cards at a trade show or networking event, or you have a brick-and-mortar store that takes credit cards — you need a privacy policy.
Third Parties Count, Too
Remember, too, that even if you do none of the above, you may still work with third-party companies that collect visitor information. Your website hosting company may do just that as part of its ordinary daily business. Any analytics program that you install on your site that collects IP addresses would also fall under this requirement.
If you do any kind of affiliate ads (such as those on our site), those affiliate networks necessarily collect visitor information not only to process sales (e.g., credit card information, shipping address), but to credit you with the sales associated with your affiliate ads. You may not be collecting the information yourself, but your privacy policy must include language that informs visitors that their information may be shared with third parties through these affiliate relationships.
Ignorance Doesn’t Excuse You From the Law
Consumers are becoming especially wary of how their personal information is used, either offline or online, and it’s to your advantage to be as transparent as possible when visitors venture onto your site. Perhaps most important, some states — including California — have stringent laws requiring that commercial websites clearly post privacy policies. While no federal law as yet goes that far, if you do any kind of business with a state that requires such a policy, or if you even have website visitors from those states, regardless of whether or not they actually purchase anything, you must have a privacy policy.
The Paid Option of Creating a Privacy Policy
If you have a business attorney, you may already have a privacy policy, but if not, it’s worth it to ask them to draw something up specifically for your company. The benefit of having your attorney draw it up is that they can update it as your business needs and operations change.
Another option is to use one of the inexpensive legal support membership programs that are proliferating everywhere, from LegalZoom’s Business Legal Plan to LegalShield (formerly Pre-Paid Legal). You must be a member to take advantage of their services and products, but it might be worth it if you can’t afford to retain an attorney but need legal advice on occasion for contracts, government documents, and of course, your privacy policy.
Truste.com specializes in privacy and security applications, audits and related programs and even includes EU-compliant products and services for companies that do business with or in the EU. It’s not cheap, but they know their stuff and have small business options.
P3PWiz.com focuses exclusively on generating a privacy policy customized for your website for just $29.95/year, with optional renewals at $19.95/year. This includes ongoing support, upgrades, a “privacy seal,” and other features.
The Free Option of Creating a Privacy Policy
While many of the paid options certainly provide a measure of extra protection since you have the backing of an experienced attorney who can advise you on specific rules and regulations, there are some free privacy policy templates that do a really good job of creating policies for small business websites. Just remember that I’m not a lawyer (and that I don’t even look like anyone who plays one on TV), so if you have any concerns or questions, please consult a licensed attorney.
FreePrivacyPolicy.com (be forewarned that you’ll be added to their mailing list, but you can always opt out!)
Each of these sites will ask you a few questions about how you collect visitor and customer information, and then will automatically give you a template to add to your website. It takes literally a couple of minutes, unless you have a very complicated business structure, in which case you really should have an attorney draw one up for you.
If you know of other resources for small businesses with regards to generating privacy policies, let me know or just share them in the comments below!
Image courtesy of FreeDigitalPhotos.net
About Marjorie