Digital Designs Privacy Policy cover image of woman using her phone and laptop

Does Every Website Need a Privacy Policy?

Ilya | July 09, 2018

**We are not lawyers and are not pretending to offer any sort of legal advice with this post.

Over the past couple of months, your inbox has likely been flooded with emails about Privacy Policy updates and data collection consent requests. That’s because digitally-operating companies all over the world are becoming compliant with a new European law called the General Data Protection Regulation (GDPR).

After wading through all the emails and accepting all these new policies you might be asking yourself, particularly as a business owner with a web presence...what exactly is a Privacy Policy and furthermore, do I need one on my website? The simple answer is, yes! Since the digital world is so different from the brick and mortar world, a Privacy Policy is a part of conducting business in an open and transparent fashion. A Privacy Policy is a legal document that informs your users about any type of data that your site may collect, how you’re receiving it, what you’re doing with it, and how long that data stays in your possession.

What is this GDPR law about?

The General Data Protection Regulation (GDPR) was developed for the management of data privacy and enforcing its protection for users in the 28 countries of the European Union, even if the data is processed elsewhere. Basically, the users in these countries now have legal right to know, understand and, with that awareness, consent to the information being collected about them. The reason why companies have been so serious about updating their policies is that penalties for violating the GDPR can be harsh, as much as €20 million or 4 percent of an organization's annual global revenue. The bottom line is, as a website owner, you need your users' permission to collect their data. We encourage you to learn more about what the GDPR, its purpose, principles and more.

Why does my site need a Privacy Policy?

  1. Again, you might be wondering what a European law has to do with your website if you and your target audience are located in the United States. If your website collects any data from EU residents, even if it's anonymous (such as cookies), you're required by law to have a Privacy Policy. Since it's difficult to be absolutely sure that NO EU resident will ever use your site, a Privacy Policy is a must-have. Even if you can be certain that your site doesn’t receive any personal data, it is still recommended that you create a Policy that informs your users that you’re not collecting anything. Even if all it says is that you don’t collect any information. On that note, keep in mind that it will most likely only be a matter of time before the US government follows suit in adopting a law like the GDPR.
  2. If your site uses third-party services such as Google Analytics, you're required to describe your website’s use of their services and plugins in your Privacy Policy.
  3. More than ever, your customers are more concerned about transparency and accountability. Let users see that you value their privacy and respect their data! It’s a great way to show that you can be trusted and it builds their confidence in your brand.

Am I collecting user information?

Yes, most likely.

If your website uses Google Analytics, Google AdSense or AdWords, or social media plugins such as “like” and “share” buttons, embedded YouTube videos or any other media content, then your website places so-called Cookies on the user's browser and your site is therefore by definition of these recent regulations tracking user information, even it is anonymous data.

Maybe your site has a login function through an online store. Or it allows users to leave comments on a blog post. Even if you just have a contact form or survey, these functions use cookies and/or collect and track user information. You'll want to make your users aware of this in your Privacy Policy.

What should I do?

At a minimum, we recommend that our clients add a Privacy Policy and Terms of Service to your website. We can also add a Cookie consent banner to your site. Feel free to give us a call, or send us a message through our compliant contact form, and we can point you in the right direction!

Again, as stated in the beginning, the advice in this article is not intended as legal advice but is based on our research on industry best practices.

Contact Us

Share This

You Might Be Interested In These

Let’s build something great together.