Website Privacy Policy Requirements – a 10-Point Checklist

James Chiodo, Certified Information Privacy Professional CIPP/US

Does your privacy policy protect you and comply with the law?

Here is a 10-point checklist to find out if your privacy policy is protecting you, is compliant with global privacy laws, and is complying with the terms of service from companies like Google and Facebook.

Does your privacy policy….

1. Disclose what type of Personally Identifiable Information (PII) you collect from customers, what you do with it, and who you share it with? You are required to have these disclosures in your privacy policy.

2. Have a security provision explaining how you protect Personally Identifiable Information? If you sell products or services, you are required to have such a disclosure.

3. Guarantee the security of your users’ personal and credit card information? If the answer is yes, you could be opening yourself up to potential lawsuits and fines.

4. Include a provision explaining how you respond to the Do Not Track Law? If not, you are in violation of the law and subject to a $2,500 fine if you do not comply.

5. Have a Google Ad, and Content Network Provision if you are running Google AdSense on your website? If not, you are violating Google’s terms of service, and they can terminate your AdSense account.

6. Have a Google Analytics disclosure if you are using Analytics on your website? If not, you are violating Google’s terms of service, and they can terminate your Analytics account.

7. Have a remarketing disclosure if you use Google or Facebook’s remarketing advertising? You are required by both companies to have one in your privacy policy.

8. Have a provision that allows you to sell your customers’ information in the event you sell your business? If not, you could be leaving a lot of money on the table if you ever sell your business.

9. Include COPPA compliant disclosures and procedures if you are selling products or have a website that might be considered geared towards children below the age of 13 by the FTC, even though you designed it towards general audiences?

10. Comply with the legal posting requirements for your privacy policy clearly and conspicuously on your website?

New California & Nevada Privacy Laws Affect Website and Mobile App Owners ➞ Read More