Shop confidently - 14-day no-hassle return policy

The #1 Thing EVERY Small Business Forgets (and How It Comes Back to Haunt Them)

Christina Scalera giving presentation on the #1 thing every small business forgets


There's one critical thing EVERY business owner with a website needs (so, everyone). And, if you're missing it, it's the equivalent of you letting your house burn down because you didn't bother installing the $9 fire alarms that would have automatically called the fire department day or night.

If you are super-new to the online world, maybe you missed what I affectionately call the "GDPRmeggedon" in 2018. That was the year the European Union (EU) told the world that they'd better take their privacy policies seriously through the General Data Protection Regulation (GDPR) laws that went into effect May 25, 2018. 

Even though I'm a lawyer, I still have to ask, why should we care about such a boring part of business?

Privacy Policies are the #1 thing every small business owner either forgets, or "forgets." Until they can't. 

There's five good reasons why you shouldn't overlook these. If it helps, I look at these like a deposit into a good mutual fund-- they're a one time investment that only grows with time. They let you focus on the fun, sexy side of business. 

So let's take a look at why they're so important to you, and what can happen if you ignore them. 

"What is a Privacy Policy?"

A privacy policy is basically a short statement of two things:

  • The kind of information you collect from your visitors
  • What you or your business will do with that information

Every website collects something, from IP addresses that give you some good info on your site visitors in your Squarespace or Google analytics, to blog comments who record emails with the submission.

Knowing what these things are is pretty boring... which begs the question:

"Why Should I Care?"

1. Your accounts could be frozen.

Even before the GDPR, the Federal Trade Commission (FTC) here in the United States required us to disclose what information we collected on our site visitors, and what we did with that information. 

And while it's very, very, very unlikely you'll ever receive a slap on the wrist (or worse) from the FTC if you leave off a privacy policy from your site, it's much more likely that the services you use will kick you off. 

The FTC doesn't have the time or resources to care about you. But, they do pay attention to larger sites, like Squarespace, Mailchimp, Convertkit, Facebook and Google.

So if you're using the services of these bigger sites, and you don't have a privacy policy, you run the risk of getting kicked off your fav platforms who ARE a target of frequent FTC investigations.

2. You can't advertise.

With all the focus on these bigger sites, and all the data breaches we've seen lately, there's a new requirement in town: you must have a Privacy Policy to advertise on Google, Facebook and other large ad providers.

"So what? I don't advertise," you say. Well, not today.

But you might want to, especially as your business grows and does better. And if you're more successful, do you really think you want to sit around and drum up a Privacy Policy when you're in the middle of a launch? 

(Hint: no.) 

That's why it's important to knock this out today. I like to make this into an easy-to-remember URL for all my sales pages, like "" instead of whatever it names it by default.

That way, when I'm prompted, or when I'm creating a landing page for a freebie on sites like LeadPages or ClickFunnels, I never have to go and look up my Privacy Policy for the footer on these 3rd party sites-- I can just type in the URL and move on.

3. You can't sell to European or British countries.

The GDPRmeggedon definitely threw the internet into a tailspin. What's funny is that the little guys, like you and I, were wayyyyyy more freaked out than the Googles and Facebooks of the world, who actually should have been scared. 

Probably because you and I don't have endless budgets for frivolous lawsuits, with a team of the world's best lawyers at the ready.

In reality, the new rules from the GDPR didn't affect United States, Canadian or Australian business owners who deal mostly with buyers from these three countries (so, like, most of the internet...)

But, there are plenty of people who sell to Europeans or have European readers accessing their site (selling makes it more likely the GDPR applies to you, but it could just apply if you have a bunch of site visitors from the EU/UK).

If you sell to an EU-based audience, it's a major no-no to skimp on your Privacy Policy, and you could face big fines if you're reported for violating the GDPR.

4. You could get your site removed without warning.

While it would be annoying to get your accounts shut down, you could probably get them back up and running within a matter of days or weeks. However, because privacy is only becoming more of a concern, your site host (GoDaddy, WPEngine, Shopify, Squarepace, Wix, etc.) could just decide to drop you altogether.

It would NOT be fun to hit your groove in your business, find consistent leads and/or product sales coming in, then have to deal with a devastating rebuild when you're no longer welcome on your original site's platform.

Especially because a great Privacy Policy template, that you only need to buy once, is a fraction of what you pay every year for site hosting, updates, themes and design.

5. Your visitors will lose trust in you.

If you think site visitors aren't reading Privacy Policies because they're typically buried in site footers, think again!

I bet even you have checked out a few in your lifetime, just to see what some shady bank or online site is doing with your deets.

Having a Privacy Policy is a good first step, but an even better way to earn the trust of your visitors is to have a GREAT Privacy Policy you're proud to share with them. 

And, you don't have to be a legal genius to dream one up, or spend hours hunting around the 'net to Frankenstein one together from various sources.

All you have to do is click here, and you can get the Privacy Policy that is trusted by over 1000+ small business owners online. 

"What about Terms & Conditions?"

Oftentimes, Privacy Policies are lumped in with site Terms & Conditions (T&C).

Your T&C are really cool, because they're the rules of your castle-- your website being your castle. You're the queen, or king, and you get to decide what these mere peons trespassing on your turf are allowed to do, and what they need to leave alone (such as your original photography).

You can go hog wild customizing these, demanding that every site visitor leave immediately if they have a negative attitude, blue hair or are under 13 years old (nothing against negative people or blue-haired friends... but 12 year olds, you're on your own).

I suggest you start here, since you need a Privacy Policy anyway.

Your T&C is also where you can define where customers can get in touch with you for support, and your refund policy, even if it sucks (I'm a big fan of 14-day any-reason refund policies like ours).

"OMG I just skipped to the bottom, can you tell me WTF this is about so I don't end up in trouble?"

Wowwwww, I'm super offended. JK, this is basically the only reason blog posts still exist, right? 

Make sure you have:

• A Privacy Policy (click here to get one pre-made for you)

• Some Terms & Conditions for your site that define what people can and can't do, and what your refund/ customer service policies are

Leave a comment

Comments will be approved before showing up.

Also in The Blog

11 Clauses You Should Include in Wedding Contracts
11 Clauses You Should Include in Wedding Contracts

How to Name a Business in 6 Steps
How to Name a Business in 6 Steps

Avoid this fake check scam
Avoid this Fake Check Scam (2024)