Let’s talk about privacy!
Privacy policies look intimidating, but you should always read them when possible.
They are legal documents informing users what you do with their data. For example, if you collect email addresses, names, and birthdays during the user signup process, you need to tell users what happens with their information. Some websites might use it for internal purposes (such as customer profiling). Others might sell the information to third-party services, in which case consent is necessary.
As you are aware, privacy policies are usually skipped over by the majority of visitors. However, there are several benefits to adding one to your website:
- Some countries require privacy policies as part of the law. Some local and international regulations, such as the California Online Privacy Protection Act (CalOPPA) and the European Union General Data Protection Regulation (GDPR), require you to outline what you do with user information.
1. How and What Type of Information You Collect
This clause is the bread and butter of privacy policies. It details the exact information you collect and how. To recall our earlier example, you can get email addresses and names directly from signup forms. However, there is also data you can obtain without the user knowing. Google Analytics, to mention one example, tracks the user’s preferred web browser.
Personally Identifiable Information refers to information that tells us specifically who you are, such as your name, email address, or phone number. Downloading information or logging in may allow the Company to “recognize” you to allow us to personalize our service for you.
This first section discusses what we consider personal information, as opposed to anonymous data we might collect. It also mentions we may use the information to personalize your user experience. In our case, logging in is only necessary to download products you may have purchased, so it’s not obligatory.
2. What You Do With the Information You Collect
For our Clients, we use personal information mainly to provide the Services and contact our Clients regarding account activities, new version and product offerings, or other communications relevant to the Services. We do not sell or share any personally identifiable or other information of End Users to any third parties, except, of course, to the applicable Client whose website you are using.
If you’re uncomfortable with how a website uses your information, the GDPR outlines the ‘right to be forgotten.’ For example, websites must legally delete your information when you request to cancel your account.
Cookies are files on your computer that contain personal settings for specific websites. The term supposedly comes from ‘magic cookies,’ a token used in UNIX-based operating systems (OS).
One of the most well-known data protection laws is the General Data Protection Regulation (GDPR), which came into effect in 2018. The European Union (EU) implemented GDPR to give internet users rights over their data.
The GDPR applies to websites and applications targeting residents of the European Economic Area (EEA), regardless of where the website or application is located. The law has become the blueprint for many other modern privacy laws.
Another landmark privacy law is the California Consumer Privacy Act (CCPA), also enacted in 2018. The CCPA was the first comprehensive privacy law passed by any state in the United States. It’s designed to give users living in California more control over the information companies collect about them.
CCPA is similar to GDPR but is generally considered less restrictive. For example, both laws give users more control over their data collection and processing, but the GDPR has stricter rules on using cookies and user consent. You should check out our cool infographic showing the differences between CCPA and GDPR.
Electronic Privacy Directives and Regulations
Before the CCPA and GDPR, the ePrivacy Directive (also known as EU Cookie Law) was the EU’s primary regulator of internet privacy. It ensures that websites obtain the user’s consent to place non-essential cookies on their browser. The directive will be amended to become the Electronic Privacy Regulation (ePr), which will be used in conjunction with the GDPR. However, the European Commission has yet to agree on a final text and has delayed efforts indefinitely.
The Personal Information Protection and Electronic Documents Act (PIPEDA) is Canada’s privacy law. It gives Canadian internet users the right to consent to the collection of their data and the right to access and challenge the accuracy of their information. According to PIPEDA, an individual’s data may only be used for the purposes for which it was collected.
Fundamental principles of the law are enhanced accountability, determination of the purpose of data collection, appropriate use of consent, and restriction of the collection of sensitive or personal data.
The law is also designed to limit personal information use, disclosure, and retention. Data must be secure and accurate and should be accessible to individuals. Individuals must also be able to challenge organizations that do not comply.
- Lets you customize your policy using your company’s information.
- Enables you to add necessary clauses for several popular third-party services, including Amazon Associates and Google Analytics.
- Provides automatic updates to your policy based on any new regulations.
Price: Free and paid plans are available
TermsFeed enables you to generate basic privacy policies in minutes and customize them using your site’s information. Each time you want to create a new policy, the service will walk you through a questionnaire to help you determine the clauses you need. When the process is over, you’ll receive your new policy via email in seconds. The platform also allows you to update your policies automatically as laws change.
- Enables you to generate custom privacy policies using a simple questionnaire.
- Lets you adjust your policy to comply with national and international laws.
- Provides automatic policy updates whenever the law changes.
Price: Free and paid plans are available
- Enables you to outline how you deal with customer payment information.
Price: Free, but you need a Shopify subscription to get the most out of it
Clicking on the button will show you a list of clauses you can add:
When you’re done adding services, click on the Next button at the bottom of the page. You’ll now need to enter your company’s name and address, then click on Next again:
On the final screen, you’ll find options to embed your policy into your website:
Website privacy policies don’t get the spotlight they deserve. However, they’re essential elements of any website that takes data protection regulations seriously. On top of enabling you to keep your operations above board, privacy policies also outline how your site handles personal information, which should help put visitors’ minds at ease.
- TermsFeed: This simple service enables you to create a basic policy through a questionnaire.
- Termly: This service creates your policy completely and simply.