Why Have a Privacy Policy?

Some states such as California require websites and online service operators that collect personal information to have a privacy policy.  The website or service operator will need to post how personal information is collected, used, shared, or disclosed.  Different laws may requirement different elements.

To be safe you should try to comply with the laws of all 50 states.  There are also specific laws for certain industries.  Users must be given a choice of whether they would like their information collected.

Your privacy policy should include how you are collecting the information and what specific information you are collecting.  For the most part you want to limit your collection to what you need and no more.  There are many ways to collect information: cookies, registration, contests, and opt-ins.  It is wise to give a brief description of how information is collected on your website.

Additional requirements may include notifying users where the site service is located, notifying users of certain data protection laws may vary by country.  The standard for websites is to use “commercially reasonable measures” to secure user information.

One other thing to worry about is if minors use your website.  The Children’s Online Privacy Protection Act applies to websites or operators directed to children under 13, or those who know they collect information from children under 13.