A beautifully crafted website not only showcases your business and passion but also brings in leads for your business. That’s why most websites include a contact form so that potential customers can get in touch with you to inquire about your products or services. A contact form usually requests some information from the user such as their name, email and phone number. Below is a great example of a simple and effective contact form.
- Inform you of what laws apply to most websites; and
- Recommend you an easy to implement solution that will get you compliant.
While all of the new privacy laws and proposed bills can be a bit confusing, a few important principles can help you navigate the current regulatory landscape.
Since most websites have a contact form, we will assume that yours does too. A contact form collects information such as name, email and phone number. All of this information is defined as “personally identifiable information” as it can be used to identify someone. While the use of PII has been a wild west in the past, currently, it is clear that consumers are more interested in the privacy of the information they share online than ever before. Due to consumer interest and some unfortunate data abuses in the past (think Facebook and Cambridge Analytica), states and governments have been proposing and passing new privacy laws that would protect PII.
Currently, there are four laws that require Privacy Policies:
1. You offer goods or services to EU residents;
2. You monitor the behavior of EU residents; or
3. You process and hold the data of EU residents.
- California Online Privacy Protection Act: this law applies to you if you collect the PII of California residents on your website.
- California Consumer Privacy Act: this law applies to you if you do business in California and you:
1. Have annual gross revenues of over $250,000,000;
2. Annually buy, receive, sell or share the personal information of 50,000 or more California residents, households or devices; or
3. Derive 50% or more of your annual revenue from selling the personal information of California residents.
- Nevada Chapter 603A/SB220: this law applies to you if you:
1. Collect the PII of Nevada residents; or
2. Purposefully direct your activities to Nevada, enter into transactions with Nevada consumers or conduct business in Nevada.
If you are not located in California or Nevada, your first instinct may be that these laws do not apply to you and thus you do not need to worry about it. Let me ask you this question: when you go online to search for whatever it is that you need, do you only visit the websites in your state? Usually, people search by what they need and not by location. So, unless you offer hyper-local services, it is possible that the laws of other states would apply to your website.
We hope that you check out Termageddon, an affordable solution to generating Privacy Policies that automatically updates your policies whenever the laws change.
Save 10% with promo code: JEREMY
Written by: Donata Kalnenaite, Esq., CIPP
President and Co-founder