Privacy Policy
What is a Privacy Policy Statement?
A privacy statement refers to a privacy policy put in place by a company regarding the collection, use and management of customer data gathered on its website. A privacy policy is legally required to appear on your website. Privacy policies are in effect in the European Union (GDPR), California (CCPA), Canada (PIPEDA) and Australia (The Privacy Act, 2018). As of 2021 more U.S. states have enacted privacy policies. Be sure to look for your state’s privacy policies.
According to Medium.com, the strictest data protection act in the world is the EU’s GDPR. As of May 25, 2018, the General Data Protection Regulation (GDPR) went into effect regarding customer data collection. If an individual who resides in the EU visits your website in the U.S. and you collect personal identifying information from them, then you need to be GDPR compliant or face fines. According to Intersoft Consulting “fines must be effective, proportionate and dissuasive for each individual case.” In the most severe cases fines can be in the tens of millions of dollars. Google, the first U.S. company to be fined under the GDPR, was fined $57M.
What you really need is a strong, effective privacy policy. Generally, privacy policies cover everything from the types of data collected and the purpose for collecting that data to the use of cookies, from data storage, security and access, and details of data transfer to affiliated websites or organizations. Your privacy policy should specify the kinds of personal information you gather from website visitors (i.e. names, birthdates, photos, / IP / email / billing /and shipping addresses, banking information, phone numbers, even social security numbers, etc.).
PrivacyPolicies.com provides a Privacy Policy Generator. To get started click here.
NOTE: Be sure to review your privacy policy with your attorney.