Why Your Website Needs to Post a “Privacy Policy”

If you have a website, but you don’t have a “privacy policy” published on it, you need to stop what you’re doing right now and get your privacy policy published ASAP.

You might be asking yourself: Do I really need a privacy policy for my website?

If you own any form of commercial website, or if you are starting any kind of company today, then yes, indeed, you do.  Not only is it a legal requirement, its also required by third party sites such as Google if you want to rank well in their search engine (they want to ensure that all sites they send visitors to are legally compliant).  And if you want to advertise your business on sites like Facebook, or run Google ads, they’ll require your site to have a privacy policy before they approve your ads.

Building a new website or starting a new business can be overwhelming — there are a lot of moving parts to manage all at once, and it’s easy for your privacy policy to get overlooked (or completely forgotten) in the process. But due to search engine requirements and data privacy regulations, your website is required to have one. Skipping out on a privacy policy is just asking for trouble.

Any tool that collects information from your site — such as website analytics, online forms, or chat widgets — will require a policy too. Google Analytics, the most popular web analytics tool out there, even has a privacy policy requirement in its terms of use.

And if you’re planning on running any online ad campaigns, both Google and Facebook require privacy policies in place if you’re collecting any user information. This is especially important for Facebook Lead Ads, which require a privacy policy URL link within each ad you create.

If you are located in the US, be assured that the FTC isn’t afraid of enforcing punishments for companies that violate consumers’ privacy, regardless of size or prominence. They’ve taken action against many companies — even ones as big as Google and Facebook — for failing to properly disclose how they used their customer’s data.

Okay okay, enough scary stuff. By now you’re persuaded that you should probably have a privacy policy published on your website.

But what exactly is a privacy policy?

Basically, a privacy policy  lets your customers know what type of data you’re collecting, and what you’re doing with that data. It also generally provides information about how you’re collecting data, whether it’s through a form, or cookies on your website.

It will also typically indicate your policy for storing customer data. How long you’re planning to store data is a big deal — are you storing someone’s info in perpetuity, or do you promise to delete it after 90 days? Privacy policies typically inform users how long their data will stay in your possession.

Depending on where your company is located, you might also have to include where the data is being stored. Even if you’re not storing it yourself, you’d need to disclose the physical data center (e.g. an AWS US-East server in northern Virginia).

Privacy policies may also include information on who has access to the customer’s data. This can mean giving customers the right to request data if they want, and a process to do so. And it usually involves providing contact info if they have a question about the privacy policy. You may also want to provide an opt-out notice for users that don’t agree with the policy.

Finally, privacy policies often include the security policy you use to protect the data you’re collecting. This usually means an outline of the security measures taken to safeguard customer data by you, or the vendors you use.

Ultimately, privacy policies provide a safeguard for both you and your visitors. If you’re collecting data from visitors or users, it’s recommended to tell them what you’re doing, how you’re doing it, and how it’s being safeguarded. The privacy policy serves as a declaration to visitors and customers what you’re doing with their data.

When writing a policy, it should be clear and explicit so any user can understand it.

So how do I get a privacy policy?

Here at BeSeenMedia, we automatically include a Privacy Policy page on for every client’s website because as a reminder to our client’s that they will need to either upload their policy or supply us with the wording for their privacy policy so we can upload it for them. At the very minimum, that’s just part of good, responsible webdesign from an SEO standpoint (since search engines like Google consider this when ranking your website).  However, its up to you to determine what kind of privacy policy your specific business needs, and you should consult with a legal professional to make sure you’re meeting your legal requirements.

Whatever you do, don’t leave your privacy policy page blank – that defeats the purpose of our creating this “placeholder” for you to remind you to tend to this important requirement.

There are privacy policy generators that often offer basic privacy policies for free (here’s an example of one focused on the aforementioned Facebook Lead Ads use case: link).  Additonally, the FTC’s website has a bunch of information to help guide US businesses if you are located in the US (we have clients all over the world).

We’ve provided this general info about the need for your site to have a privacy policy to help our readers and clients better understand the legal issues surrounding internet marketing. But this should not be interpreted as legal  legal advice — and we are web developers and marketing strategists, not lawyers. So it goes without saying (but we’re saying it anyway), to ensure you meet all legal requirements pertaining to your type of business and the activities you engage in,  you always need to consult an attorney.