If you are planning to capture email addresses, or use analytics to track traffic on your website, you need to have a privacy policy. You need to tell people:
- what information you collect
- who you share it with
- how users can change the information
- how you will notify users of the changes to your policy
- when it is effective
So, what does this mean for you? How do you get started with the development of your privacy policy? As with so many things, you need to start with the purpose of your site. In this course, we are going to focus on my law firm site and Legal to English and how the privacy policies work for each of those sites. I am doing it this way because: examples always help and this is a good representation of two sites with very different objectives and two completely different styles.
So, let’s break down the two sites and what we will be focusing on for the privacy policies.
Keep in mind, as with the development of any type of contract, we need to stay focused on the overarching purpose of the sites as well as the specific issues that will affect the specific policy we are working on now.
The Outsourced Associate
What the Site Does
This website is for a law firm. It is designed to give information about what services and products are offered by the firm. It also has an e-commerce component. You can also purchase services through the site. As of right now, the purchase all happens off site through Paypal, but that will change in the future. Right now, I am using basic analytics and collecting email addresses and other information related to the purchase. As I add more features to the Resource Center, I will begin taking and storing even more information. Most of the information I collect will be voluntarily given.
How the Site is Presented
Being a law firm site, it is designed to attract potential clients and exhibit skills to those who may be trying to learn more about me before contacting me (opposing lawyers, mediators, arbitrators, etc). This will be important as we discuss how the policy is developed for this site.
Presentation is very important in any contract.
Legal to English
What the Site Does
This website is about community. It is built for entrepreneurs. It is designed to help entrepreneurs understand the legal that affects their business everyday. It contains podcasts, blog posts, and takes email addresses and a first name. I am currently working on a free resource that better organizes the email newsletter, so, if you ever need it, you will have a way to go back and look at all of our past conversations organized in a way to help you get the most out of it. That, however, will still only require an email and a first name. Legal to English is owned by The Outsourced Associate. I use basic analytics, but do not capture much information that is not voluntarily given.
How the Site is Presented
Legal to English simplifies law. It explains complicated legal concepts and makes legal more accessible to entrepreneurs.
So, how does this help us know where to begin. To determine that, let’s look at what we are required to tell those visiting our site:
What information you collect
There are two primary types of information on which we will focus, personal, identifying information, and non-identifying information. It is important to understand, no matter what analytics service you are using what you are collecting from anyone who visits your site. You also need to know what cookies have to do with your site.
Who you share it with
It is very common for everyone in the online world to tell you that they are not sharing any information with third-parties, but that isn’t true most of the time. You need to think about your merchant processor, your analytics service, your email provider, and any other third-party company you use to handle some process that requires information from your users. You are not selling the information, but you are probably sharing it. You want to make sure you think about this in specifics as well as categorically. What types of third parties are you sharing information with? You don’t have to name the specific companies, because that could change, but you need to think through the categories.
How users can change the information
This is going to be for information provided voluntarily. You need to make sure, if you have a site that is for members online that requires a login of any kind, that you provide a way and information on how to change personal information. This is also true for email systems. Even if all you have is an email subscription list, you need to let your users know how to change the information they gave you when they signed up. Can the user opt out by turning off cookies?
How you will notify users of the changes to your policy
When you make changes to your policy, how will you make the changes known. With online policies, you will reserve the right to make changes at any time, but you need to let your users know of those changes when they are made. How will you do it? Will you place it in your header? your footer? Will you send an email? Will you write a blog post? Go ahead and make that decision now.
When it is effective
It is important, with any contract, to have an effective date. More than that, you, as the site owner, need to keep track of the versions of the Privacy Policy every time they change with the effective dates of the versions. The effective date (or range of dates for older policies) will be important if anything ever comes up with your privacy policy. You will have to prove which version was effective at the time of whatever incident brings the policy into questions.
This is the information we will need to get started. We also need to think about style before we start. With any contract, there is always more than one way to present the information. This has to do with the purpose and ultimate goal of your site. Remember, legal is designed to help your business grow, not hinder the growth of your business. To that end, you need to think about what kind of style you want to use in your privacy policy.
In the case of my sites, I will be looking at a more formal style for the law firm website, and a more conversational, explanatory style for the Legal to English Site. Understand, when I say a more formal style, that does not mean we will be using stuffy legalese, it just means it will look and feel more like a contract than a web page. It will use more formal sentence structure and defined terms.
Homework
Until tomorrow, work on the exercises above. Think through all of your web properties you run and the purpose behind them and what you intend to do with them. Then, begin to think through the information you must provide in your privacy policy.
What’s Next
Tomorrow, we will focus on structuring the body of your policy and how to create the outline for what you will need.
Leave a Reply