When you use a website, you can deliberately or inadvertently share information such as your music preferences or credit card information. The website’s privacy policy should state what information is gathered when you use that site, what you should expect will be done with the information gathered, and whether you keep or dispose of that information.

Should I Add a Privacy Policy to My Website?

If you create a website that gathers information about users, you should include a privacy policy stating clearly what users should expect. You can post the policy as a clickwrap document, in which the user clicks to accept the policies of your site before entering your site, or a browserwrap document, where a separate document containing the policy is accessed from a link on your website. A clearly visible privacy policy may help you avoid liability if a visitor to your site is unsatisfied with how you use the information you gather and decides to sue you.

A privacy policy that is written clearly and concisely can also educate your users about your data practices.

What Should a Privacy Policy Contain?

This depends on the type of site you are developing, where your targeted audience is geographically, and the nature of the information that you intend to gather. If your website targets minors or you are reasonably sure that minors use your site, your site must comply with the Children Online Privacy Protection Rule. In general, your privacy policy needs to state:

  • Whether you use cookies or save cookies to the user’s computer
  • Whether you will sell information gathered to third parties without the user’s consent 
  • Who you will share user information with
  • What type of information that the user consents to you gathering by using your website
  • How you will ensure that information provided by a user is kept secure
  • How a user can expect to be notified of changes in your privacy policy
  • How a user can request to have their information updated or removed

What Should I Do If a Website Breached Its Privacy Policy?

You should first ensure that the actions of the site are actually barred by its privacy policy. You should also be sure that you did not give consent to allow the site to use your information as it did. 

If the website’s privacy policy has been breached and this has done you damage, you should gather evidence about its breach and especially about the damage it has done to you and then contact the website administrator/webmaster to have the matter rectified. If the matter is not resolved to your satisfaction, you should contact an attorney to ensure your privacy rights are protected.

Do I Need an Attorney?

It is important for a privacy policy to contain no loopholes that may expose you to liability. If you are developing a website and intend to gather information about users, an experienced business attorney will be able to create a privacy policy that ensures that you and your online enterprise are fully protected.