- A contact form that requests a name, email and phone number
- A newsletter signup form that requests an email address
- An order page that requests name, address, email, phone, and credit card info
Privacy laws protect consumers (your site visitors and customers) by requiring websites disclose what PII is collected, what’s done with that data, and who the data is shared with.
You know how when you buy something and then you start getting tons of emails about other things you ‘might need’ too? Those are violations of your privacy.
Why does this matter for your small business website?
Otherwise you risk penalties. For the CCPA (California Consumer Privacy Act), if a customer of your site is not allowed the rights accorded them by CCPA, they have the potential to file a civil suit. Failure to comply with CCPA could result in civil penalties of $2,500 – $7,500 per violation per user. And for GDPR violations, it’s up to 20,000,000 Euros or up to 4% of global revenue.
Caring about privacy can give you an edge over your competition
A Pew Research study from 2019 showed that 79% of U.S. adults said they were concerned about how companies use the data they collect about them. Another study showed that:
- 93% of Americans would switch to a company that prioritizes data privacy.
- 62% of Americans called companies that prioritized privacy ‘trustworthy.’
- 54% of Americans called companies that did not offer data privacy information ‘untrustworthy.’
People worldwide became more aware of privacy issues when the GDPR went into effect in 2018. But also in 2018, the Cambridge Analytica/Facebook scandal broke, disclosing the harvesting of PII from millions of Facebook users which was used for political purposes. That helped U.S. consumers start to focus on their privacy – why were Europeans being protected but Americans weren’t? This put pressure on U.S. lawmakers to get something done to protect U.S. consumers online, too.
Current state of privacy law in the U.S.
There are many bills in play right now in U.S. states to enact their own privacy laws. For example:
- CA, CO, VA have all passed privacy legislation as of July 2021.
- MA, NY, NC, OH and PA are actively considering privacy legislation.
Here’s a map showing the progress of privacy law legislation in the U.S. today.
The common things you’ll see among these bills are:
- They apply whether or not your business has a physical presence in the state.
- The ability to opt out or request confirmation and deletion of PII.
- The disclosures required differ from state to state, creating a patchwork of different rules.
There is no federal privacy law in the U.S. as there is in Europe, which will make compliance much harder for U.S. businesses, adding even more requirements for them over time.
- From an attorney. A privacy attorney is a great resource for large clients or ones needing special compliance help. The attorney must have a strategy in place for keeping your policy up to speed with the changing laws. You’ll need to find out if they’ll charge you for each update (which can quickly become expensive).
- From a generator. This is much faster and more cost-effective for many small and medium businesses – you can stay up to date with rapidly-evolving privacy laws at no additional cost.
Your policy will include the required content and disclosures depending on your location and who you sell and market to. Best of all, it gets updated automatically on your website when new laws are passed, so you don’t have to do anything about it.
Included in your service:
- Learning about your audience to determine what laws will apply to your website
- A scan of your site to locate potential privacy issues with third-party functionality
- Creating a custom policy with the appropriate disclosures for your location and audience
- Cookie consent bar placement in your site
For existing clients, sign up here. For more information, just click the button below. We’re happy to answer your questions.