The Importance of Website Policies
This document helps explain what website policies are and how they help you comply with laws and also protect you by limiting your liability.
This document covers the four most common policies found on websites:
- Privacy Policy (page 2)
- May be required under multiple privacy laws
- Can apply to businesses of any size and location
- Required if using common Google products (Analytics, Maps, reCaptcha, YouTube, etc) and many other third-party tools.
- Cookie Policy and cookie consent banner (page 3)
- A Cookie Policy is required under several privacy laws.
- A cookie consent banner helps collect consent prior to installing non-essential cookies onto a user’s browser or device, a requirement under several privacy laws.
- Terms of Service (page 3)
- Limits your liability for potential copyright infringements and third-party links
- Answers commonly asked customer questions
- Sets the rules for using your website
- Disclaimer (page 3-4)
- Limits your liability (if applicable)
We are not lawyers and this is not legal advice. We do, however, believe that this information is important and ask all of our clients to sign the final page of this waiver, acknowledging that we have provided you with this information.
1. What is a Privacy Policy?
A Privacy Policy helps website owners comply with privacy laws by providing specific disclosure requirements such as how their website collects, uses, and discloses personally identifiable information as well as all the disclosures required by the privacy laws that apply to you.
A comprehensive Privacy Policy is required to comply with privacy laws
Today’s modern websites are built to provide a great user experience and motivate prospective customers to reach out and inquire about what you have to offer. This is done through the use of tools such as contact forms, website analytics, and more.
Contact forms ask users to submit their ‘name’ and ‘email’, which are examples of personally identifiable information. When a website uses analytics, it collects each visitor’s IP address and shares that personally identifiable information with third-party data analytics providers. These are just a few examples of the many ways websites collect and share personally identifiable information.
Penalties for non-compliance
The collection of personally identifiable information is regulated under multiple privacy laws. For example, in the US, there are numerous state privacy laws that can apply to businesses, regardless of their location, and fines for non-compliance start at $2,500 per “infringement” (per website visitor). Each of these privacy laws has specific disclosure requirements that have to be added to your Privacy Policy to be compliant.
It’s also important to note that privacy laws in other countries could apply to you if you collect the personal information of, do business with, or provide services to residents of those countries.
On top of that, over two dozen privacy bills have been proposed on a state-level, each with their own unique disclosure requirements and penalties for not complying. If passed, some of these bills would enable citizens to sue businesses (of any size or location) for collecting their personally identifiable information without an up to date and compliant Privacy Policy. Due to the ever-changing nature of privacy laws, we recommend that you not only have a comprehensive Privacy Policy in place but that you also develop a strategy to keep your policies up to date when these laws are amended or when new laws are implemented.
Google requires your website to have a Privacy Policy
Outside of the legal requirements, Privacy Policies are required to use popular third-party tools. For example, a website utilizing Google Analytics is required by Google to have a Privacy Policy. You can find this requirement within section 7 of Google’s Terms of Service: https://marketingplatform.google.com/about/analytics/terms/us/
Google has also recently announced that it is requiring all websites using AdSense to have a cookie consent banner since AdSense uses cookies and collects personally identifiable information, which is regulated under multiple privacy laws. Google is now required to ensure that websites using AdSense comply with those laws.
2. What is a Cookie Policy and cookie consent banner?
Cookies are little snippets of code that get inserted into the user’s browser and device when visiting a website. They can help ensure a website properly functions (aka essential and functional cookies). They can also track website visitors for analytics and advertising purposes (aka marketing cookies). Several privacy laws require users to provide consent prior to implementing non-essential cookies on their browsers. This is commonly done through a cookie consent banner, which will ask your website visitors to choose their consent settings. It is important to identify what privacy laws apply to you, and determine if you are required to provide a cookie consent solution on your website along with a Cookie Policy further describing the purpose of each cookie.
3. What is a Terms of Service Agreement?
A Terms of Service Agreement limits the liability of businesses (aka helps reduce the risk of website-related lawsuits) by stating the rules for using the website.
Example disclosures
third-party links: When a website offers links to third-party websites, a Terms of Service can help explain to users that the business is not responsible if a user clicks those links. So, if a third-party link brings a user to a hacked website, the Terms of Service disclosure can help prevent you from being sued.
DMCA Notice: A Terms of Service agreement can also provide what’s called a DMCA notice, which helps prevent a business from being sued by providing contact information in case the website is accidentally using copyrighted material (like images or content).
There are many additional disclosures that a Terms of Service can make, but these two are the most popular and are easy ways to protect your website and your business.
4. What is a Disclaimer?
A Disclaimer is a document that helps limit your responsibilities and liabilities for your website in certain circumstances.
Does your website:
Advertise third-party products or services? A Disclaimer will help you protect yourself if a user clicks on the third-party advertisement and gets a virus, is somehow injured by the product or service, or is not happy with the third-party product or service
Sell or display health products? A Disclaimer will help you protect yourself in this case if the health products do not work as they should, do not deliver the results that were expected or if the user gets injured by the health products.
Participate in an affiliate program? An affiliate program is a program whereby you list a particular link on your website and, if the user clicks on that link or purchases the products that the link displays, you receive money from the manufacturer of that product. A Disclaimer will help you comply with the affiliate program’s Terms of Service as most affiliate programs require you to provide a Disclaimer and will help you keep your user’s trust.
Provide health and fitness advice? A Disclaimer will protect you in case the user gets injured after following your health and fitness advice, much like the beginning of those exercise videos that you will watch in January of next year.
Provide information that could be seen by others as legal advice? A Disclaimer will protect you by stating that there is no attorney client relationship and that this advice is not legal advice, thus protecting you in case something goes wrong.
How to obtain website policies
If you have the budget, we recommend hiring a lawyer that focuses on privacy law to write your website policies, monitor privacy laws, and update your policies when the laws change or when new laws go into effect. If you do not have the budget to hire a privacy lawyer for your website policies, we recommend using Termageddon.
Termageddon is a comprehensive website policies generator and will update your policies when privacy laws change or new privacy laws go into effect, helping you stay compliant and avoid privacy related fines and lawsuits, and they do it at a fraction of the cost of a lawyer. Although Termageddon is a technology company (not a legal services provider), it was founded by a privacy and contracts lawyer and the tool has been recognized as a trusted tech vendor by the largest international privacy organization in the world (iapp.org).
If Termageddon sounds like a good solution for your business, the license costs $10 per month through Castle Web, and we are charging a one-time setup fee of $100 to create the policy webpages, insert/test the code and ensure your policies stay up to date with changes to the law. You will have full access to your policies with your own Termageddon account, and you will be notified when new laws go into effect and when your policies are being updated or when new disclosures require additional questions that need to be answered.
Adding policies to your website is a decision you will have to make. Please review and sign the Website Policies Waiver on the form below, confirming that you have received our notice on the requirements of Privacy Policies, cookie policies, cookie consent banners, and the additional protections of Terms of Service and Disclaimer agreements.
Website Policies Waiver
By signing this waiver, you acknowledge that we informed you that applicable (state, national, or international) law may require your website to have a Privacy Policy with specific disclosures. We are not lawyers, we do not provide Privacy Policies as a service, and we are not responsible for your business complying with any applicable privacy laws.
We have a relationship with a third-party Privacy Policy, Cookie Policy (and cookie consent), and Terms and Conditions generator service called Termageddon and we are able to assist you with linking those policies to your website. You are under no obligation to utilize Termageddon, but it is the service that we use on our own website, have a relationship with (we receive a commission fee or can resell their license to you if you decide to purchase) and recommend. Please note, that should you choose to use Termageddon’s services, your relationship will be directly with them, governed solely by their Privacy Policy and Terms of Service.
Please select your plan for your website’s policies: