Last updated: 2021-05-27 (originally published on 2019-05-09) — by Will Elton
In January 2017, it was official – exactly 50% of the global population had internet access. Though this international connectivity brought about a multitude of benefits, we cannot say it wasn’t without a few issues, to put it mildly.
As we arrived in the online world, we entered almost completely exposed. We were ready to put our personal information out in the open, if it meant gaining something in return. Unfortunately, much as in regular life, not everyone we gave our details to had good intentions. Many joined the online community just to collect user data and utilise it in whichever way they pleased without asking if we were okay with it first.
In fact, statistics indicate that there are almost 6.5 million data breaches on a daily basis – if that doesn’t put a little scare in you, Brach Level Index (April 2019) states that someone has their data records lost or stolen every 75 seconds of the day.
This has resulted in the majority of users becoming displeased with the fact that any website they visit can collect their personal info without their consent, and then use it for their own purposes. Of course, there are still many modern consumers who appreciate the benefits this data collection has brought with it (eg. better ad targeting, better services), but most are also worried whether about the downside.
But let’s get into the specifics:
- The document should also outline the methods of data collection (eg. through website cookies, form, etc.).
- It should also state how long you plan on storing the data and keeping it in your possession.
- Users also need to know who can be contacted to access their data in case they decide to request or make changes to their data.
- Furthermore, depending on the location of your company, it is important to provide information on where the data is being stored – are you doing it yourself or is a data centre doing it for you (and if so – where is the centre located?).
- When it comes to businesses that collect cookies, or if your third-party software collects them, it is essential to draft a Cookies Policy where you will explain what cookies are, how you are using them, why they are necessary, and which types and functions each cookie performs.
- Certain countries require websites to give customers a chance to opt out of receiving any further email or notices.
1. Firstly, it’s required by law.
In response to catastrophic breach events, which have occurred on a frequent basis over the years, we’ve seen the rise of laws and regulations intended to keep users’ personal data as safe as possible.
The two most influential ones are:
- General Data Protection Regulation (GDPR) – Europe’s directive which affects websites worldwide. It replaced the Data Protection Act 1998 and dealt with concerns regarding the collection, possession, storage, and sharing of personal data. To find out more about GDPR and how it affects your business, check out Zegal’s white paper on Understanding the new GDPR.
- California Online Privacy Protection Act (CalOPPA) – Established in 2004, it represents the first US law which prevents any website from collecting California-based users’ data, including their email address, phone number, location info, etc. In case a website does intend to collect any information, it is required to have a legal statement outlining your business privacy practices available for a user review.
Others include, Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA), the US’ Children’s Online Privacy Protection Act (COPPA), the UK’s Data Protection Act (DPA) and Australia’s Privacy Act of 1988.
Certainly, we can expect more regulations in the future in response to the emerging global requirements.
2. It is required by third-party services your business website uses
In order to deliver certain services, websites collaborate with third-party affiliates, including website analytics tools, online shopping functions, advertising services, and so on. Consequently, you are required to include a section about these online associates, their role on your website, and explain whether or not they collect user data, in which manner, and for what purposes.
3. Users Demand Privacy
Let’s go back to the beginning. All of this started, largely, because internet users were concerned about their personal data being exposed, collected, used, and share without their knowledge.
It is not that everybody is looking to keep their data private – quite the contrary. Many are willing to disclose their personal information if they get something in return. Nevertheless, they would still like to know what the info will be used for.
- Which information will be collected
- How will the data be used
- Who can they contact to access their personal data
- If the information will be used in another country
- If payments are possible on the website and which type of encryption is used
Easy. Make one here.
This article does not constitute legal advice.
No results found
Freelancer Guide to IR35
If you're a freelancer in the UK, you'll be needing to understand whether you fall under the scope of the new IR35 regulations or not.
How to be outside IR35
With the April tax changes in the UK, consultants, freelancers, and contractors may need to make some small adaptions to the way they work to make sure they can clearly be outside IR35 for their next tax return.
ZEGAL SEES HUGE CUSTOMER GROWTH IN THE UK
Zegal, the end-to-end legal platform for small businesses, launched in Australasia, sees tremendous growth in the UK.
How does Share Vesting work?
Share vesting is the process by which a company gives its equity to its employees or consultants. Find out how exactly share vesting works:
Zegal and 360 Law Group to help bolster the UK small business economy
Zegal, the end-to-end legal platform for small businesses, and 360 Law Group, give UK companies ability to control their own legals from home
What is IR35?
You may have heard the term bandied around but what exactly is IR35? If you are self-employed, or employ contractors of any sort, you need to invest some time investigating this term.
Am I Inside or Outside IR35?
The new UK IR35 rules for off-payroll employees refer to a person's status as being either inside or outside IR35. Here's what that means:
Optimizing Document Workflow While Remote Working
Documents are an essential part of business operations. Learn how to maintain and optimize the document workflow while working remotely.
Legal Considerations When Starting a Small Business
Knowing what you need to iron out when opening your business will help you to avoid extraneous costs in the future as well as potentially saving you from losing your hard-built business if you run into any legal battles.
Virtual Assistants: Game Changers for SME Customer Engagement
Virtual assistants have many essential roles to play providing support services to small and medium businesses. Basically, they are contractors who work to provide administrative services for SME clients.
The 8 Best Software Tools For Small Business
Choosing the right software tools for your small business that will do most of the job with minimal effort —and most importantly— affordably, is essential.