5 Website Privacy Policy Mistakes That Can Screw Up Your Business4 min read

Starting your own business is scary and challenging, especially when it comes to legal staff. Let’s chat about data, clients, and ways to mitigate privacy risks from point one.

So you’ve built your website, found perfect colors for your brand book, and found first clients. Good job!

At some point (and believe me, better earlier than later) you found that your state of art website is missing privacy policy. Any ideas of what to do?

The most common answer is open Google and copy-paste a privacy policy from the well-known website you use often and presume that their lawyers know better. This is risky and tricky.

Privacy policy in the essence is an explanation of what your business is doing with collected data from people’s interactions. Moreover, multiple regulators internationally require that privacy policy should be written in plain language and in the way understandable to your user. So as you build your brand for your target audience, build your privacy policy the same way.

Some simple steps to start with your privacy policy:

1. Data mapping

Define what kind of data you collect (emails for newsletters, names, and mobile phones of your prospects, social media profiles, ads data from cookies). Creating the simple list of types of records you have in place will help you navigate a lot of matters moving forward (so keep it handy).

2. Data Minimization

Consider collecting only data that is essential for your business. You probably can have only a zip code instead of a full physical address to know where your clients are coming from, right?

3. Opt-out

Make sure that your customers have the opportunity to unsubscribe, request access to the information your business holds about the user, or request a deletion of all the information you have about them. Be careful to comply with a legitimate request from the data subjects in a timely manner once you have them.

4. Cookies

Make sure to list what kind of cookies your website is using, the data collected and purposes of this data usage (targeted ads, website performance, analytics).

5.Vendors

You probably use analytics tools to measure your website traffic, payment processing systems to get paid by clients and marketing platforms to manage your email and social media campaigns. Simply list the vendors and functions covered by them in the separate section.

To sum up, a simple and clear privacy policy in plain language will increase trust and will make your business more credible instantly and will mitigate the majority of privacy-related risks. Make sure that your privacy policy is up to date with all your business changes such as a new campaign launch or partnership with another organization.

And remember, the safe ground is a key to your success, so consider speaking to your lawyer or privacy consultant first. 

Written by our contributor Halyna Vasylevska. Halyna is a technology lawyer and expert in innovations for regulated industries. She started her career working with international development funds on creative entrepreneurship support programs. Eventually, Halyna became an entrepreneur herself, when co-founded Medics – healthcare platform now serving more than 7000 healthcare providers and used by the Ministry of Health in Ukraine to deliver data-driven healthcare in 10 regions. Using her unique experience Halyna assisted Ukrainian Ministry of Health and Canadian Parliament with their medical data strategies and consulted more than 100 companies in 20 countries globally on technology transactions and product development. Halyna graduated from  Cornell Tech Master of Laws in Technology and Entrepreneurship program in NYC and assisted Credit Karma, Willis Tower Watson and Pfizer with their innovations efforts during her studies. In her latest role, she’ve been serving as Privacy Counsel at TrustArc – leading privacy compliance automation company with the focus on global regulatory requirements and support of product development. Halyna is based in San Francisco, CA and actively advises startup and invited as speaker and expert on the matters on innovations in regulated industries globally. You can connect with Halyna on LinkedIn. Become our contributor too! Apply here.