Website Series, Part 1: Why Your Website Needs a Privacy Policy – And What it Should Say

One of the most frequently asked questions we get here at Renegade Legal is about what legal documents a business needs to have on its websites. Instead of answering it in a single post, I’m publishing a series of posts on the topic.

We’ll just get straight to the point and start with the most important one legal document you need on your site: THE PRIVACY POLICY.

Here are the four main reasons your Privacy Policy is your most important website legal document:

1. It is Required by Law

First, if you’re using your website or landing page to collect personal information from your visitors, such as e-mail addresses, posting a Privacy Policy that lets said visitors know exactly what information you collect, and what you will and will not do with their information, is REQUIRED BY LAW.

If you don’t have a Privacy Policy detailing what data you collect, how you do so, what you do with it, and how your visitors can opt out, you’re breaking the law, and are basically asking the FTC and other government agencies to fine you – or your clients, if you’re managing the relevant aspects of their marketing and/or online presence.

(If you collect personal info on EU residents, you’re also running the risk of being fined under the GDPR, but that’s another post – for now, just know that having a Privacy Policy is a legal requirement, not a “best practice.”)

Fines can reach tens of thousands of dollars PER VIOLATION – meaning, for example, a separate fine for every single e-mail address collected without adequate notice and consent. You can easily hit a million dollars in fines with only a 2,000-person e-mail list, so yes, this is kinda serious.

2. It is Required by Major Content, Advertising and Sales Platforms

Not posting a Privacy Policy can also get your account(s) BANNED from Facebook, Google, and other platforms – not great when online advertising is responsible for a significant chunk of your (or your clients’) revenues.

Yes, FB employees actually go on the websites and landing pages linked to your ads, and check if you have a Privacy Policy. If you don’t, the FB Terms of Use allows them to shut down your ad account – or that of your client, if you’re in the business of providing marketing, advertising, web design and other services that include building websites and sales funnels for your clients. (Good luck explaining that one to someone who paid you upwards of $10K and relied on your “expertise” to execute a successful campaign, and all they got for it was getting banned from FB. Also, good luck with your reputation.)

3. It’s a Binding Contract

Swiping a Privacy Policy from a friend or competitor can also be a bad idea. Why? Because your Privacy Policy is supposed to be an explanation of YOUR data collection and processing practices that are being used in YOUR business. If, it doesn’t, you’re lying to your users and are running the risk of getting fined. Your Privacy Policy is a binding legal document, and as such, it has to say what YOU do with people’s data, not what Amazon or whoever you copied it from does with people’s data.

4. Copying Another Company’s Privacy Policy is Illegal

You read that right – copying another company’s privacy policy without their consent is copyright infringement. So, in addition to all of the above, if you catch a lawyer on a day when they’re feeling particularly petty, you might just get sued for that too.

I do understand that this stuff is complex and difficult, particularly for those just getting started. But it’s a real issue affecting most of your businesses RIGHT NOW, and ignoring it won’t make it go away.

To the contrary – by operating without having the mandatory legal documents on your site, you’re exposing yourself (and potentially, your clients) to significant legal and financial risks.

As a result, it’s extremely important that, if you haven’t done so already, you get a custom-drafted (not copied and pasted) Privacy Policy prepared and posted on your website and any landing pages you may have, advising your users (and FB) of your data collection and processing policies as soon as possible.

Need a GDPR-compliant Privacy Policy that protects your business from lawsuits, FTC fines and EU penalties? Grab one of the templates below from the Contract Shop!

And stay tuned for our next post on Terms and Conditions!

Related Products