Help, I Need a Privacy Policy

January 30, 2020

If you have a website and you're collecting personal information from people, be it email addresses or credit card information, it's prudent to have a privacy policy.

Simply, your website sets out:

  • what you do with the data
  • the purpose behind why you collect it
  • how you look after it
  • who you share it with
  • the legal basis for storing it (One of 6 including consent, legitimate interest or performance of contract)
  • how your customers can exercise their rights under GDPR

Every Privacy Policy is going to be unique to that business. If your policy doesn't accurately describe your data protection practices you could be setting yourself up for legal wrangles down the line. Think of it like an insurance policy. Hopefully you'll never need it but if you do you want to make sure there is no wriggle room.

But have you considered:

  • Will children access your site?
  • Are you collecting any Special Category Data for example health data
  • Do you make use of CCTV ?
  • If you're based in Ireland you need to consider the Data Protection Act 1988 and the ePriivacy Directive
  • Which cookies your web develop has included in your site?

Back up what you promise with documentation

Your website sets out what you're doing but are you doing it in practice? How you can prove it?

A data protection policy is a good place to start. This is where you set out your practices like how you manage passwords, emails, device security, levels of access and more.

Record how long you store information for and how you dispose of it. Create some procedures for handling Data Subject Access requests and Security Breaches.

Overwhelmed? This is our business, we can make this simple and you can get on with the business of running your business

Get in touch

Data Influence will have a stand at the Galway Local Enterprise Office Website Wiki Day on Wednesday 5th February at the Salthill Hotel. We will be on hand to answer any questions you might have on Websites and Privacy Policies.

If you see us there, please come over and say hi - we'd love to meet you.

Intrigued? Some further reading

https://medium.com/@StartupPolicy/five-reasons-why-copying-someone-else-s-terms-of-use-and-privacy-policy-is-a-bad-idea-fd8d126ac0b3

https://blog.hubspot.com/marketing/you-need-a-privacy-policy

https://www.proprivacy.ie/privacy-and-data-protection/your-data-protection-compliance-requirements-a-short-guide-for-smes/

Data Influence blogs and stories are provided for information only, not legal advice. Always consult your lawyer on legal matters.

Find the value in Data Protection
The most valuable asset in your business is your people.
Next is your data.
Protecting your data makes good business sense.
Start Now