privacy policy

What You Need to Know About Privacy Policies
Is your business at risk?

Across the globe, regulations exist that require companies of all kinds to state privacy policies in order to protect their citizens. The most recent of these regulations, the EU General Data Protection Regulation (GDPR), took effect in May of 2018 and affects any business that collects personal information from any European citizen. Regulations in other countries state similar rules. Because of the global nature of the Internet, you MUST have a privacy policy stated on your website it you collect any personal information from website visitors. Additionally, many third party services require you to state a privacy policy before using their services.

Who needs a privacy policy?

All companies that collect any sort of personal data from users. There are many types of data collection that qualify, but here are a few examples:

  • Do you have a “contact us” form on your website that requires users to enter their email addresses and/or names?
  • Do you utilize website analytics?
  • Do you run any online ad campaigns?
  • Have you developed any apps for users? (Includes iOS, Android, Windows, Facebook, etc…)
  • Does your business utilize Amazon?
  • Does your website collect/store cookies?

What information qualifies?

Any information that can be used alone or in conjunction with other information to identify a person. This includes:

  • Email
  • Name
  • Location (city, country, etc)
  • Address
  • Social security number
  • And more

What third parties require privacy policies?

Many third parties require privacy policies. Before you sign up with a new service, make sure to comb the fine print to find out what type of privacy policy is required. Some common third parties are listed below:

  • iOS app store
  • Android app store
  • Windows app store
  • Google Analytics
  • Facebook (apps and ad campaigns)
  • Amazon
  • Many others

What must be stated in a privacy policy?

Privacy policies can vary from business to business, and what you must state on your website depends largely on your individual company. Make sure to talk to a legal professional to cover all your bases. Here are some general guidelines that apply to most privacy policies:

  • What kind of data do you collect from users and how?
  • How do you use the data you collect?
  • How do you protect the data collected?
  • Do you share this data with anyone else? What do you share and with whom?
  • Can users access and/or control their personal data? If so, how? It’s a good idea to outline a way for customers to access the data you’ve collected from them. It doesn’t hurt to include a way for users to opt-out.
  • The policy must be straightforward, easily understandable, as well as readily accessible to website users. This means no “leagalese”, no fine print, and no hiding the policy in the depths of your website.

Bottom line: a privacy policy is essential for protecting your business and letting your customers know what you’re doing with their information. Without a clearly-stated privacy policy, your business could face serious reparations from authorities such as the FTC, the European Union, and many others.


  1. “Privacy Policies are Mandatory by Law.” TermsFeed, 25 Feb. 2018, termsfeed.com/blog/privacy-policy-mandatory-law/. Accessed 5 July 2018.
  2. Osterberg, Lars. “You Need a Privacy Policy in 2018: Here’s How to Start.” HubSpot, 29 Mar. 2018, blog.hubspot.com/marketing/you-need-a-privacy-policy. Accessed 5 July 2018.
  3. Brandom, Russell. “Everything you need to know about GDPR.” The Verge, 25 May 2018, www.theverge.com/2018/3/28/17172548/gdpr-compliance-requirements-privacy-notice. Accessed 5 July 2018.

Leave a Reply

Your email address will not be published. Required fields are marked *