Your website is essential to your online business. By developing and curating an online presence however, you take on legal and moral obligations to your users. One crucial aspect of those responsibilities is the protection of their right to privacy.
Like in all commercial ventures involving the use of technology, you will almost certainly collect and retain some user information. This may be done directly, through the processing of payment information, or indirectly, through third-party service providers or tracking technologies, such as cookies.
The ecosystem of business — particularly online business — is not static. Changes are often made to forecasts, models, and business plans in order to better suit the company’s needs. These changes are based on critical growth assessments and fiscal performance reviews.
If you make any changes to your policies, make sure you also keep a records of those changes.
Any alterations to your online presence may result in the collection of more user information, whether or not that is what you intend.
Similarly, if state or federal laws change, you are obligated to comply and must ensure that your policy is consistent with the new legal mandates.
2. Why Should You Tell Users About Privacy Updates?
It also makes good business sense to incorporate privacy by design and create an atmosphere of transparency with your customers in order to gain their trust.
1. You Want to Avoid Legal Challenges
This requirement is the result of state laws such as the California Online Privacy Protection Act (CalOPPA), which applies to any website that gathers information from California consumers, regardless of the location of the business.
The FTC’s Gramm-Leach-Bliley Act also governs privacy and the collection of financial data — including credit card information. Failure to comply with state or federal laws can result in serious legal sanctions against your business.
Violations to privacy laws can result in fines of thousands — or even millions — of dollars.
Changing the rules without notice can be framed in court — and in the public eye — as a deceptive practice and companies who do not abide by their own privacy policies risk a lawsuit brought by their state’s attorney general.
2. You Want to Avoid Public Backlash
Increasingly, internet users are becoming more conscious of the information they share online. While much focus in the U.S. and internationally regarding online privacy law is on personally identifiable information, concerns are also frequently raised about aggregate data that is collected and sold in order to streamline marketing efforts.
Legal protections for this kind of information were supposed to come into effect this fall, but the Washington Post reported in March that the proposed protections have been halted by the new administration.
Customers should have easy access to a contact form for any questions or complaints.
3. You Market to Children
Your responsibility is particularly serious if your website attracts or markets specifically to children. Data collected from users under the age of 13 is subject to federal legislation implemented to protect them and their interests.
3. How to Notify Users About Updates
If you run a site which has regular users who may need time to transition off of your site if they do not agree to your new policy, you should offer them the courtesy of advanced notice of at least a couple of weeks.
Notice may or may not be legally required, but it is a great way to develop trust with your customers.
You can also create a blog post or addition to your site’s news section. Place a banner on your site’s home page and/or a pop-up that lets people know about the new policy before they begin to interact with the site. That way, they have the opportunity to leave if they find the changes unacceptable.
4. It’s About Trust
At the end of the day, maintaining trust with your users is what will keep you in business. In the world of online business, your customers rarely have voice-to-voice or face-to-face contact with a real person who works for your business. Your trust is built almost entirely on the promises you make through the text and images on your site, and how well you keep those promises.
Regardless of whether it is a legal requirement, being upfront about how you handle user data is one way to develop long-lasting customer relationships.