Well, it doesn’t work that way. Fundamentally, these types of policies and agreements are contracts with your users and customers. If you want to make substantial changes in the way you handle personal information to become effective for your past users and customers, you will need to get your users and customer’s consent first.
That means contacting them by email or through some type of mail delivery service and telling them of the changes and giving them the chance to opt out of sharing information.
And putting a provision in your policies like this will not work:
It’s a convenient idea, but the law does not work that way.
The courts have held that parties to a contract have no obligation to check a website’s policy or terms and conditions on a periodic basis to learn whether they have been changed by the other side. Why? Because like any other contract, your client cannot unilaterally change the terms of the contract without the other party’s consent.
This discussion must include a description of how, if at all: (1) any changes will be communicated to visitors, users and customers; and (2) whether any changes are binding upon visitors who submitted PII (Personally Identifiable Information) under a previous version of the policy. Policy amendment procedures are important because a privacy-invasive policy creates serious threats.
Take, for example, a company that promises not to sell PII in its 2010 policy and collects thousands of email addresses. Assume further that this company has a policy allowing
Because they receive no notice of the change, they also stand a small chance of realizing that their PII is for sale on the open market. Many of these same visitors would never have submitted information under the 2014 amendment policy but find themselves bound by its terms.
The above is just one possible provision that a website or blog owner could use.