Does My Company Website Need a Privacy Policy?

by | Jan 28, 2017 | Law and Business

You may ask yourself “does my company website need a privacy policy?” Does your company have a website or mobile app? Are you collecting personal data from website visitors? If the answer is yes, then you are required by law to have a privacy policy.

What is a privacy policy?

A privacy policy (also often called a privacy notice or privacy statement) lets users know what information you are collecting and how you plan to use it.

What counts as “personal” data?

Personal data includes:

  • Email address
  • Name
  • Address
  • Credit card information

Anonymous data (navigation history, for example) can also be considered personal data if it’s used in connection with any other type of data that can be tracked back to an individual.

Who needs a privacy policy?

The type of platform you’re using doesn’t matter; if you’re collecting data, you need to have a privacy policy for your:

  • Company website
  • eCommerce website (online store)
  • Blog
  • Mobile or desktop app

I just collect email addresses for my e-newsletter. Do I still need a privacy policy?

If your website is collecting any personal data, even if you just manage a small blog and are collecting email addresses for your mailing list, you’re putting yourself at risk of being sued if you don’t have a privacy policy. So yes, you need one!

What does a privacy policy include?

Every privacy policy must include the following basic information:

  • A clear statement of what exact type(s) of data you are collecting from users, and what you or your company is doing with the data you collect.
  • The ability for users to opt-out of giving personal information (giving users the choice of what to provide you or your company).
  • An admission of your or your company’s responsibility to make sure users’ personal information remains secure.
  • A way for users to contact you to see their personal information and contest anything that is not accurate.

What’s the difference between a privacy policy and a terms of use agreement?

A terms of use agreement (also known as a terms and conditions agreement) isn’t legally required like a privacy policy is, but it’s vital to prevent users from abusing your website or app (spamming other users, using obscene language in public forums, etc.). It also protects your copyright, limits your liability should you get sued, and more. Click here to learn more about terms of use agreements.

Can I write my own privacy policy, or just cut and paste one together from those online template generators?

You can, but you definitely shouldn’t. Your privacy policy needs to be a custom document that takes the particulars of your business into account. Anything that’s just cut and pasted will most likely not stand up in court if you do ever face a lawsuit.
A good business attorney will know the intricacies of the federal, state, and local laws that will come into play should your company face legal action around your privacy policy (or lack thereof), so it’s in your best interests to hire one to help you draft your privacy policy.
EmergeCounsel is one of the leading providers of privacy policies and terms of use agreements. We’re located in the Denver Metro region, but we work with companies across the U.S.

Contact us for a free estimate on your website’s privacy policy today.


Join our mailing list to receive information about legal matters that affect businesses like yours.

browse by topic: