Why Your Website Might Be Illegal (& How to Fix It)
TABLE OF CONTENTS
You might be thinking, “Are legal pages necessary for my small business website?”
“Do I really need a website privacy policy or terms and conditions page?”
In short, YES. Playing hooky with your website’s legal pages is a disaster waiting to happen.
If your website doesn’t include a privacy policy, you could be breaking federal law.
If your website isn’t *GDPR compliant, then you could be breaking international law.
Not to be all “gloom and doom,” but that’s a pretty big deal.
When you manage a website, you collect a lot of data from visitors that you probably don’t even know about! But the government does, and they want to make sure you’re appropriately protecting that personal data.
Don't worry; I've got you covered.
In this blog, I explain what a privacy policy is, why you need legal pages on your website, and how you can make sure your website is legal without breaking the bank.
Learn more about how to add the right protection for your small business website with done-for-you legal policies written by an attorney!
But first, let’s lay the groundwork for our conversation.
What is a website privacy policy?
A privacy policy primarily answers two questions: (1) what information do you collect from visitors, and (2) how do you handle that information?
If you’re collecting any kind of personal information, you need a privacy policy.
For example, do visitors submit their email by subscribing to your newsletter? Is there a contact form that potential clients fill out on your website to get in touch with you? Those are both collecting personal information from website visitors.
Your website most likely collects visitor data behind the scenes, too, through tracking codes like Google Analytics. Most website platforms have built-in analytics that keeps an activity log of computer IP addresses without anyone knowing, which also counts as personal information.
Think about it this way: If you had a friend come over to your house and leave without their ID, you’d call them to let them know they left it, right?
A privacy policy lets people know when they visit your website, they’re allowing you to see (and even keep) some of their personal information (no matter how big or small).
Why do i need a privacy policy on my website?
Yay, so you have a website!
As Spiderman’s Uncle Ben would say, “With great power, comes great responsibility.”
Every website is required by law to include a privacy policy.
Why? Because the Federal Trade Commission (FTC) says so, which is a solid reason.
Some legal regulations that explicitly require the use of a website privacy policy are the California Online Privacy Protection Act (CalOPPA), Children's Online Privacy Protection Rule (COPPA), and the General Data Protection Regulation (GDPR), just to name a few.
CalOPPA requires all commercial websites and online services that collect personal information from residents in California to list an accessible privacy policy page.
COPPA imposes certain restrictions and requirements on websites directed at children under the age of thirteen.
GDPR establishes guidelines for how websites are legally allowed to collect and process the personal information of EU residents.
Pop quiz: Can you prevent someone from Cali, let alone Europe, from visiting your website?
Answer: Nope.
So guess what? Privacy and cookie policies both apply to your website!
It doesn’t matter where you’re located; it matters who can access your website, which is basically the world (there’s a reason it’s called the “World Wide Web”).
To sum it up, privacy policies protect you and your website visitors. You can’t control who accesses your website, but you can control what information you collect and explain how it’s handled.
What's a cookie policy?
I think everyone’s familiar with the cookie banner that pops up on practically every website these days.
To clarify, a “cookie” is a tiny file containing personal information, such as site settings and personal preferences. Cookies personalize your web browsing experience. You can best see them at work when you’re shopping online.
Have you ever seen a super-targeted ad specific to an item you just viewed or products similar to it? That’s called remarketing, and it’s enabled by cookies, which advertisers use to show you relevant ads online.
The FTC in the U.S. does not specifically require a Cookies Policy on your website. However, the GDPR does require a Cookies Consent Notice, which we just discussed you’re subject to. Learn more about GDPR for small businesses here.
In efforts to provide “transparency of information,” websites must notify visitors that certain data is being collected as they browse, and consent through the use of cookie banners/notices. If you don’t already have a cookie banner set up, you should probably open up a 12th tab on your browser and get on that, pronto.
And you can’t use an “X” or something generic for people to click just to make the banner go away. GDPR requires that website users agree to your use of cookies. Use a word like “OK,” “OPT-IN,” “I AGREE,” “YES,” etc. as a button on the pop-up.
P.S. I address “Cookies” in my website’s privacy policy, not on a separate “Cookie Notice” page, so keep reading to find out how you can too!
Do I need a terms and conditions page?
Technically, no; a terms and conditions page is not required by U.S. law.
Is it still a good idea to have one? You bet.
A terms and conditions page limits your liability, lists your business’s governing jurisdiction, states disclaimers, addresses affiliates, and other legalese.
I’m no expert on the topic of law, but I want to ensure every website I design, including my own, is legally protected. So, I did a ton of research – hence this blog.
Ultimately, it’s a website owner’s responsibility to include legal pages on their website, but as a web designer, I require these pages in all of my website packages.
How can I make my website legal without breaking the bank?
When I first started my business I was looking for all of the resources I could find. I couldn’t afford an attorney, but I wanted to be legally online, and my guess is that you’re floating in the same boat.
Thankfully, I know a place to get your site legal, today!
The contract shop
Attorney Christina Scalera founded *The Contract Shop to support entrepreneurs like you and me with *contract templates, agreements, and policies to legally protect creative small businesses online.
*The Contract Shop’s website legal pages highlight the areas you need to fill in as a business owner, making it super simple and straightforward to implement on your website.
You can download the docs, fill in the blanks, and call it a day. Voila!
I use the *Website Terms & Conditions and Privacy Policy Bundle for my clients and my own website.
Any time there’s a change in the laws of the land, you get free updates to your policies. You’ll never have to worry about being legal online again!
word of warning:
Do NOT copy and paste another website’s privacy policy or terms and conditions pages, then paste it on yours.
First off, it’s downright wrong; that particular business paid for an attorney to write their website policies or purchased it to protect their website, not yours! Secondly, their legal page content will most likely be different than yours.
Your legal pages are custom to your business.
Is your website legal + legit?
Most DIY sites totally skip the step of implementing legal pages, which is why using a website expert is always a good idea. Everyone’s good at something, but if web design and development isn’t in your wheelhouse, reach out to a professional web designer like Selah Creative Co.!
If you’re currently working with a web designer, ask them if they will add legal pages to your site if you provide the page content.
If you’re on the DIY website train, consider purchasing *Privacy Policy and Terms & Conditions pages from The Contract Shop:
Fill out the pages appropriately following the highlighted prompts and how-to guide.
Copy and paste the contents into two separate web pages: /privacy-policy and /terms-conditions.
Place the words “Privacy Policy” and “Terms & Conditions” in the footer of your website (very bottom section) and link each one to their respective legal pages.
Set up a website Cookie Banner and link it to your Privacy Policy page (The Contract Shop includes Cookie data within its Privacy Policy page content).
Now that you know your site does need legal pages, check out *The Contract Shop! At the very least, I recommend purchasing the *Terms & Conditions & Privacy Policy for your website.
P.S. The Contract Shop always has a great Black Friday sale with up to 40% off their digital products and downloads!
If you don’t have a website yet, but want to get online ASAP with a website that works, let’s get in touch! I’d love to help you navigate the online space and show up with a brand that feels completely you and connects with your ideal audience.
DISCLAIMER: I am not an attorney and, therefore, cannot provide you with professional legal advice. I’ve done my best to research and share the information I’ve learned to be useful for your business, too. Still, this article is not directive, legal advice, or a professional recommendation or endorsement of legal understanding.