Clicky

Do I need a Privacy Policy?

If you’ve worked with us — or you’re about to — for a website project, you’ll at some point be introduced to the Privacy Policy. While we don’t write these legal documents for our clients, we sure do want you to have one! Why? Every state in the U.S. has some type of law governing Privacy Policies for websites. And we want you to be good, law-abiding citizens.

Website Muscle is based out of California, which has the strictest laws in the country regarding data collection and privacy. The interesting thing is, the purpose of the California Online Privacy Protection Act (CalOPPA) is to provide protection of personal data collected from California residents. Which means if you live in North Dakota but you have customers (or potential customers) in California, you need to have a Privacy Policy.  

No matter what state you’re in, we can help steer you in the right direction to get your website’s Privacy Policy.   

Here are some FAQs about Privacy Policies:

Businesses that collect personally identifiable information (PII) on their website — or who track users’ data via Google Analytics – need to have a Privacy Policy.

Examples of personally identifiable information (PII) include:

  • name
  • email
  • phone number
  • date of birth
  • billing/shipping address
  • banking information
  • social security number

Most of our clients meet the PII criteria by having a contact form, job application form, or newsletter signup form on their website. 

Even if you don’t have a contact form, job application form, or newsletter signup form on your site, you most likely have Google Analytics installed, which would still necessitate a Privacy Policy in CA. 

While not personally identifiable data (PII), Google Analytics stores cookies on users’ computers, allowing you to track usage data such as how many times a user visits your site, what pages they visit, and how long they stay on your site.  

Also, if you run an ad campaign, or if there’s a chance you might add Google Analytics or a contact form in the future, it’s a good idea to have a Privacy Policy in place. Most people don’t think to update their Privacy Policies as these things change. 

Yes! This is considered non-personally identifiable information, or non-PII. 

Google Analytics stores cookies on users’ computers, allowing you to track usage data such as how many times a user visits your site, what pages they visit, and how long they stay on your site.  

Here are your options: 

  • You can write one yourself. (Have fun with that!)
  • You can have an attorney prepare one for you. 
  • You can use one of the many online generators out there. (This is the one we recommend.)

Online Privacy Policy generators allow you to answer some questions and for a small fee (some are even free!), they’ll produce a Privacy Policy for you. These websites also do other legal documents like Terms of Use, Disclaimers, Return & Refund Policies, Cookies Policies, and more. 

Examples of online generators include: 

Some sites like termageddon.com require an ongoing monthly membership but will auto-update your Privacy Policy as laws change.

To be honest, we’re not sure! Possibly fines, possibly a lawsuit? Basically you’re opening yourself up to allegations of misusing people’s personal data (or using it in a way that they haven’t been notified of). It’s better to spend the money to protect yourself now. 

Our Recommendations

We send our clients to termsfeed.com for Privacy Policies. Why? No idea! We just picked that one years ago and stuck with it. So you can use whichever one you want. 

But to help you answer the questions, should you choose termsfeed, here’s a link to my “cheat sheet”

It should take less than 10 minutes to complete and costs under $50. When you’re done, just add it to your Content Doc or send it over to me and I’ll get it on your website.

As always, let us know if you have any questions — we’re here to help!