This should include the way the website collects, processes, stores, shares and protects the user data, the purposes for doing so, and the rights of the users in regard to their collected data.
Your website is probably collecting information from users who visit your site, such as contact details or demographic data.
Here are some common examples of ways that websites collect data from users:
- Contact forms
- Shopping carts
- Requests to book a call
- User registration forms
- Newsletter sign-ups
- Services such as Google Analytics
- Displaying online ads from platforms like Google AdSense
- Who is collecting the data on your website, i.e. the legal name and contact details of your company
- Why the data is being collected
- Whether the data will be given to any third party (and if so, who that third party is)
- Information on how to contact you to request removal or correction of any personal data on your records
- Information on what any cookies are for and why you use them
I’m not in the EU – do I still have to adhere to GDPR?
Well, you might not be in the EU, but some of your website visitors might be. Remember that the internet is global, and your website can get visitors from any country.
To be as legally compliant as possible, it’s always advisable to adhere to both national and international laws like GDPR, so that you’re covered if/when you have visitors from those areas.
An important part of SEO is ensuring that Google trusts your website, as a high level of trust means it’s more likely to show your website in a higher position in the search results.
A hefty fine, usually. You’d probably receive an enforcement notice from the relevant data commissioner in the first instance, instructing you to add a privacy policy to your website. If you don’t comply with the enforcement notice you could be fined, and UK/EU GDPR-related fines can be up to 4% of your annual turnover. You could also be made to delete any data collected through your website.
- Hiring a lawyer. If you have budget, hiring a specialist lawyer means you’ll end up with a professional, completely personalised policy. Bear in mind that as well as the initial costs, you’ll likely have additional ongoing costs for updates to the policy in the future.
- Using a professional online policy service. This is my preferred option and the one I recommend to my clients, as it balances the needs of compliance and budget really well. For a low monthly fee, you get a policy that’s personalised to your needs, and that AUTOMATICALLY UPDATES WHENEVER THE LAW CHANGES. Winner.
I’ve partnered with Termageddon, an attorney-run, professional policy provider, to provide a discount on privacy policies.
Want to talk about your options?
This bit’s important, please read it:
This blog post provides information about privacy and data protection laws – but legal information is not the same as legal advice, and so you must consult a lawyer for professional advice about your own circumstances.
You may not rely upon this information as legal advice, and you must instead regard this article as intended for purely informational purposes only.