With the GDPR having just gone into effect recently, a lot of people are asking questions about what they need to do in order to comply, whether or not they even need to comply, and what the best practices are. One component of being GDPR compliant (or compliant with […]
You’ve no doubt heard about the GDPR (General Data Protection Regulation), which focuses on protection of personal data and digital privacy in general. Although the GDPR largely applies to businesses that either a) offers products/services, and/or b) collects personal information from, the new GDPR policy applies to anyone regardless […]
With the GDPR having just gone into effect recently, a lot of people are asking questions about what they need to do in order to comply, whether or not they even need to comply, and what the best practices are. One component of being GDPR compliant (or compliant with other regulations) is to have a clear and concise “privacy policy.” Most website owners or businesses are uncertain on whether or not you actually need a privacy policy.
The short answer is most likely: yes, you will need a privacy policy. We’ll get into specifics below.
The simplest answer is that if you collect any kind of information from the users of your website (or customers of your business) that is considered “personal,” then you need to have a privacy policy in place.
Any kind of information that can be used to identify an individual is considered “personal data.” Personal data can include, but is not limited to first and/or last name, email address, billing and/or shipping address, credit card information, phone number, IP addresses, and so on.
For websites, this information is commonly collected if you have an email list or use cookies on your website (which most websites and/or businesses do).
Having a privacy policy, regardless if it’s “required by law” in your situation can still be a great way to build trust with your users or customers. It’s often better to be safe than sorry with a privacy policy, but it’s also a great strategy for helping your customers feel more comfortable browsing your website or providing you with their personal data.
Below are some of the most common scenarios where a privacy policy may be required or otherwise recommended:
A privacy policy is an agreement between you (website and/or business) and the user (or customer) on how you will handle that user’s personal data. In your privacy policy, you will include specifically what kind of data you will collect or request, how it’ll be collected, whether you share any of it with outside parties (known as third parties), and so on.
The privacy policy essentially lays out all the “whats” and “hows” that relate to a user’s personal data within your website or business.
Adding a privacy policy to your website, business, or any other kind of application that collects personal data/information, requires you to have a page on your website dedicated to your privacy policy. Remember that your privacy policy requires you to list certain information about the data you collect, what happens to it, and how your user can modify that information.
The privacy policy needs to be easily accessible, commonly linked on the footer of your website or easily visible when a user is providing information to your website.
If you need help with your privacy policy, want to ensure that you are fully compliant with how you are collecting or handling personal data, or need assistance integrating your policy into your website, you can reach out to us at C2CG. We’ll be happy to answer your questions and get your website fully compliant and protected.
You’ve no doubt heard about the GDPR (General Data Protection Regulation), which focuses on protection of personal data and digital privacy in general. Although the GDPR largely applies to businesses that either a) offers products/services, and/or b) collects personal information from, the new GDPR policy applies to anyone regardless of location.
Today we’re going to break down everything you need to know about what you need in your privacy policy and how to remain GDPR compliant in your business.
One of the goals of the GDPR is to simplify the language used in privacy policies so that the average user can understand exactly what is happening with their data that they’re providing, without needing someone else (like a lawyer) to decipher your intent and processes with their data.
Data collection and processing procedures need to be communicated in a way that is concise, transparent, intelligible, and in clear and plain language. This has been done to avoid the dense legalese that has been commonly used prior to the GDPR.
In addition to simplifying the communication of your processes, your privacy policy also needs to disclose more information than was required prior to the GDPR (while still being clear and concise about it).
Below is everything you need to communicate to your users through your privacy policy?
In order for your privacy policy to be compliant with the GDPR, you need to provide information on the following (while also still being concise and clear for your user):
There’s no need to feel overwhelmed about the GDPR, even if it seems daunting at first when creating your privacy policy and striving to stay GDPR compliant from start to finish. This page will help you get started with the foundation of your privacy policy and what you need to be and stay compliant with the GDPR.
If you have questions about the GDPR or want to ensure that your privacy policy is going to be compliant with the GDPR, you can reach out to us at C2CG and we’ll be happy to help.
[MySiteAuditor id=5]
