These 5 common business activities demand a privacy policy
Do you sell a product or service that’s exclusively made in your state, from a store or computer in your state, ONLY to people who live in your state and plan on staying that way forever?
Probably not.
So, let's talk about keeping your business in line with the law and avoiding fines and courtrooms.
What is a privacy policy?
A Privacy Policy is a contract that explains what kinds of personal information you gather from website visitors, how you use this information, and how you keep it safe.
Some Context
In the past few years, a few of the world’s biggest economies, think Europe, the UK, Canada, Australia, California, and Nevada (a huge number of online businesses registered there!), decided that their residents deserve to know what information companies have on them. It’s a trend that is only going to continue.
Here’s where you say ‘But wait, I don’t operate in California or Europe!’
Remember that old-school house rock song about how a bill becomes a law?
So, every state except Hawaii and Florida has had a privacy bill progress to at least the committee stage and these bills are going to keep popping up until they are passed.
Plus, can you really guarantee that you won't have a single website visitor from any of those places?
For my Virginia folks who can guarantee that no one in California or Europe will ever visit their websites, Virginia just became the second state in the US to pass a comprehensive data privacy law called the CONSUMER DATA PROTECTION ACT in 2021. Carrying a fine of up to $7500, makes businesses with at least 100,000 different peoples' data or selling data when they have 25,000 different folks' information have a privacy policy. And you can bet your bottom dollar that states getting their own privacy laws will only push the federal government to make a law for every American-based business soon. You can also bet these laws will only get more complex since data privacy isn’t going anywhere.
So now you say “I’ll never have tens of thousands of people visiting my website.”
And I’ll tell you that this is a legal requirement that is only going to apply to more and more businesses as time goes on. Plus, why would you hide from your potential customers what you are doing with their information? Communication is what makes every relationship, personal or business, successful. So start communicating in a privacy policy, won’t ya?
Even if you are 100% local or aren’t processing 100,000 folk’s data yet, this is coming. BTW 100,000 people are just 300 website visitors a day. That’s not terribly high in the grand scheme of things. Plus your city or county can make a local law about this too. You can’t avoid it, so why risk your business over something so easily fixable?
Just tell me the 5 things already!
If you do any of the below, you need a privacy policy on your website, landing page, emails, and Facebook group. And you needed it, well....yesterday.
1. Asking folks for their email address means you need a privacy policy
Email addresses are as important as home addresses or phone numbers to any small business. Because of that, governments started protecting email addresses just like any other personal information.
Business coaches seem to be screaming about the importance of collecting emails to sell.
You send your invoices and contracts to your clients by email. (if you don’t, we gotta have a chat about why e-signatures and e-payments are gonna save you a TON of time.)
Whether you are building an email list of folks ready to buy, keeping track of who joins your VIP Facebook group, or creating a lookalike audience for your newest ad based on this group of emails that you have a great conversion rate from before, you’re getting emails.
*any ‘standard’ contact info like full name and phone number count towards this too.
2. Use analytics of any kind on your website means you need a privacy policy
Google Analytics and a Facebook pixel are the most common culprits here. These tools help you understand your customers but you have to tell site visitors what you're going to do with it.
Google’s own terms actually require you to tell folks you are using analytics, even if your state doesn't. Do you really want to piss off Google?
3. Have a single website visitor, customer, or potential client from Europe or California means you need a privacy policy
I told you, these countries aren’t playing. And you know how you know if you have visitors from these countries? You have Google Analytics installed!
4. Selling folk’s data means you need a privacy policy
In general, I don’t think it’s a smart thing for small businesses to do, but if you need to sell your email list, you gotta tell folks.
5. Having ads on your blog or website means you need a privacy policy
Monetizing your blog is no joke. It can bring you in some real money, but you gotta tell folks you’re doing that.
I won’t pretend that a solid privacy policy will make or break your business,
unless you are a communication app that has trouble communicating updates to its privacy policy and loses hundreds of thousands of users to competitors,
but it is one of those easily check-offable things that can let you worry just a little less as you continue to grow your business.
Comment below, do you have a privacy policy? Have you updated it in the past 2 years? Does it match the software and processes you are using today?
Are you rethinking your privacy policies?