Your website is your first point of contact with your customers, and naturally you want to make sure its snazzy, fun and pleasing to the eye, so it’s easy to overlook what we need to make a website legally compliant. People have the misconception that if you aren’t getting customers to sign up to newsletters, then you aren’t collecting any personal data, so you don’t need a privacy policy or terms of use.
You will be surprised to learn, that websites most definitely tracks visitors and it’s your responsibility to let visitors know what you’re tracking and what you’re doing with this information. There’s a lot to think about when you’re building a website, the design, marketing etc, but it’s also important to pay attention to the small print that protects your customer and you.
Whilst the type of documents you need would be dependent on your business model, i.e., what you sell, to whom etc, however, we suggest the below mentioned documents as good starting point for basic compliance.
Contents:
Privacy Policy
It’s important to understand that one size doesn’t fit all. Many are misled into thinking that another company’s privacy policy can be copy and pasted for your business as it sells the same kind of stuff, but your business may collect more or less personal data and could potentially send it to different processors in different jurisdictions, thus, making your copy pasted privacy policy pointless and not fit for purpose.
A privacy policy is a statement that explains to your website visitors and customers about the data you collect, why you collect it and how you use it. It must also say whether the data is shared with any third parties and what measures you take to keep that data safe.
You can read more on how to draft a compliant privacy policy here.
Cookies Banner and Cookies Policy
Cookies and similar technologies make a visitors online experience personalised by helping the website understand how visitors use their services. This is done by way of tracking activity from the visitors usage of the website. As cookies collect, record, and share information about website visitors and their devices, its only right that the visitors know this as well as this being a legal requirement.
A cookies policy is a legal requirement under the General Data Protection Regulation (GDPR) and Privacy and Electronic Communications (EC Directive) Regulations 2003 (PECR) PECR require websites to be transparent on what personal data is being processed and give individuals privacy rights in relation to electronic communications. Unbeknown to some, websites use cookies to track visitors, so it’s essential to inform them - that tracking takes place.
To comply with data privacy laws, a consent banner should be displayed on the website upon the visitors first visit and ask for consent before deploying certain cookies. It must have a button to allow the visitor to either accept or reject cookies. The point of the banner is to alert visitors that the website uses cookies, and gives them the option to opt-in, as well as read further by clicking on the link to the cookies policy. By clicking reject, only the strictly necessary cookies are deployed and used by the website for it to function properly. These types of cookies don’t collect any personal identifiable data and nor does it track browsing habits. To understand more about how cookies function, read here.
Website Terms of Use and Acceptable Use Policy
This sets out how visitors may access and use your website. It includes information on the website, disclaimers on information that’s published on the website, and how it may be shared and used.
The terms may also contain information around unacceptable use such as hacking, uploading inappropriate or illegal information and the like. Essentially, website terms is a contract between the website owner and its’ visitors, and it protects the owner against people stealing content, preventing potential copyright or ownership disputes and allows you to have full control over your website operations. It can also protect the website owner against technical issues with the website, such as, if usage of your website causes a virus on the visitors computer.
Terms and Conditions for the Provision of Services
If you are providing goods or services, then you will need terms and conditions that comply with legal requirements. Such terms would include disclaimers that would limit liability should a customer ever raise a legal dispute. Without proper terms, you run the risk of your liability to customers being unlimited. They protect both parties involved in a transaction and outline the rights and obligations of each party. These are essentially the contractual arrangements between you and your customer, and will be referenced in any legal dispute.
We would strongly advise that you get these legal documents drafted or at least checked by a solicitor, so you are protected in case of any fall back or liability. Our data protection specialists are on hand to offer advice on how to approach legal documents for your website, so you are protected and legally compliant, so feel free to get in touch.
