There's one critical thing EVERY business owner with a website needs (so, everyone). And, if you're missing it, it's the equivalent of you letting your house burn down because you didn't bother installing the $9 fire alarms that would have automatically called the fire department day or night.
If you are super-new to the online world, maybe you missed what I affectionately call the "GDPRmeggedon" in 2018. That was the year the European Union (EU) told the world that they'd better take their privacy policies seriously through the General Data Protection Regulation (GDPR) laws that went into effect May 25, 2018.
Even though I'm a lawyer, I still have to ask, why should we care about such a boring part of business?
Privacy Policies are the #1 thing every small business owner either forgets, or "forgets." Until they can't.
There are five good reasons why you shouldn't overlook these. If it helps, I look at these like a deposit into a good mutual fund-- they're a one-time investment that only grows with time. They let you focus on the fun, sexy side of business.
So let's take a look at why they're so important to you, and what can happen if you ignore them.
- The kind of information you collect from your visitors
- What you or your business will do with that information
Every website collects something, from IP addresses that give you some good info on your site visitors in your Squarespace or Google Analytics, to blog comments that record emails with the submission.
Knowing what these things are is pretty boring... which begs the question:
"Why Should I Care?"
1. Your accounts could be frozen.
Even before the GDPR, the Federal Trade Commission (FTC) here in the United States required us to disclose what information we collected on our site visitors, and what we did with that information.
The FTC doesn't have the time or resources to care about you. But, they do pay attention to larger sites, like Squarespace, Mailchimp, ConvertKit, Facebook and Google.
2. You can't advertise.
"So what? I don't advertise," you say. Well, not today.
That's why it's important to knock this out today. I like to make this into an easy-to-remember URL for all my sales pages, like "TheContractShop.com/privacy" instead of whatever it names it by default.
3. You can't sell to European or British countries.
The GDPRmeggedon definitely threw the internet into a tailspin. What's funny is that the little guys, like you and me, were wayyyyyy more freaked out than the Googles and Facebooks of the world, who actually should have been scared.
Probably because you and I don't have endless budgets for frivolous lawsuits, with a team of the world's best lawyers at the ready.
In reality, the new rules from the GDPR didn't affect United States, Canadian or Australian business owners who deal mostly with buyers from these three countries (so, like, most of the internet...)
But, there are plenty of people who sell to Europeans or have European readers accessing their site (selling makes it more likely the GDPR applies to you, but it could just apply if you have a bunch of site visitors from the EU/UK).
4. You could get your site removed without warning.
While it would be annoying to get your accounts shut down, you could probably get them back up and running within a matter of days or weeks. However, because privacy is only becoming more of a concern, your site host (GoDaddy, WPEngine, Shopify, Squarespace, Wix, etc.) could just decide to drop you altogether.
It would NOT be fun to hit your groove in your business, find consistent leads and/or product sales coming in, then have to deal with a devastating rebuild when you're no longer welcome on your original site's platform.
5. Your visitors will lose trust in you.
If you think site visitors aren't reading Privacy Policies because they're typically buried in site footers, think again!
I bet even you have checked out a few in your lifetime, just to see what some shady bank or online site is doing with your deets.
And, you don't have to be a legal genius to dream one up, or spend hours hunting around the 'net to Frankenstein one together from various sources.
"What about Terms & Conditions?"
Oftentimes, Privacy Policies are lumped in with site Terms & Conditions (T&C).
Your T&C are really cool, because they're the rules of your castle-- your website being your castle. You're the queen, or king, and you get to decide what these mere peons trespassing on your turf are allowed to do, and what they need to leave alone (such as your original photography).
You can go hog wild customizing these, demanding that every site visitor leave immediately if they have a negative attitude, blue hair or are under 13 years old (nothing against negative people or blue-haired friends... but 12 year olds, you're on your own).
Your T&C is also where you can define where customers can get in touch with you for support, and your refund policy, even if it sucks (I'm a big fan of 14-day any-reason refund policies like ours).
"OMG I just skipped to the bottom, can you tell me WTF this is about so I don't end up in trouble?"
Wowwwww, I'm super offended. JK, this is basically the only reason blog posts still exist, right?
Make sure you have:
- Some Terms & Conditions for your site that define what people can and can't do, and what your refund/customer service policies are